Credit card provider suffers breach, personal data lost

MBNA, the UK’s largest credit card provider, has confirmed that a laptop containing the personal details of its customers has been stolen from one of its third party contractors – NCO Europe Ltd – earlier this month. The information is said to include personal details, however, no PIN numbers were reported to be contained in the stolen data.

Although the exact details have yet to be confirmed, it is expected that thousands of customers will be affected by this incident. Whilst the situation is monitored, MBNA has provided affected customers with free access to CreditExpert from Experian over the next 12 months.

Jamie Cowper from PGP Corporation comments: “As the decade draws to a close, it seems only fitting that news of yet another data breach hits the headlines. This time, it’s trusted credit card provider – MBNA – a company that lists the security of its customers as one of its top priorities. However, there is no indication that the stolen laptop was defended by any kind of data protection policy.

“Whilst MBNA has been responsive, offering apologies to its customers over the incident and up to a year’s worth of access to an identity fraud protection service, they are going to struggle to maintain customer confidence in the long term unless they take action to demonstrate that they take the security of customer information seriously – both internally and in the hands of contractors.

“With the ICO expected to crack down more heavily on breaches of data protection in 2010 and an influx of legislation governing this area just around the corner, organizations would be well advised to act now and deploy technology, such as encryption, to avoid paying the price later.”