A storage device containing Lloyds TSB customer data has gone missing from one of Royal Sun Alliance’s (RSA) data centres, the bank has admitted.
The storage device contained names and addresses, bank account and sort code details, and has been reported stolen.
RSA said that most of the stolen data was “publicly available information”, but confidential information of its home emergency cover customers was also on the device.
The company said that affected customers would receive a letter from the company.
RSA claimed that it had no evidence to suggest that the data had been misused in any way (yet) but has offered affected customers the use of its identity protection tool, called Cifas, for two years for free. Customers who register for Cifas will have to pay a £20 registration fee, which would then be reimbursed.
RSA said that it won’t email or make unsolicited phone calls to customers regarding this incident – it will only contact customers by letter – and affected customers should receive their letter by Monday 14 September.
The company added that it is carrying out a full investigation to understand how the incident occurred in a bid to ensure that it doesn’t happen again. It has also informed its regulators – the Financial Conduct Authority (FCA), the Prudential Regulation Authority (PRA) and the Information Commissioner’s Office (ICO) – and the matter has been reported to the police.
For further information, RSA has a FAQ section available on its website for customers.