The UK arm of Zurich Insurance has been hit with a £2.275 million fine for losing sensitive financial information on 46,000 British customers in 2008.
According to the Financial Services Authority, the data breach occurred in 2008, when the company was transferring data, stored in a back-up disk, to one of its data centres.
The FSA claims that the company was not made aware of the data loss until a year ago.
The data lost by the insurer included identifiable personal information, bank and credit card details and insured asset information. Zurich has insisted that the lost data had not been compromised or misused in any way.
Speaking to Businessweek, Margaret Cole, the head of enforcement and financial crime at the FSA, said in a statement: “Zurich U.K. let its customers down badly. To make matters worse, Zurich U.K. was oblivious to the data loss incident until a year later. Firms across the financial sector would do well to look at the details of this case and learn from the mistakes that Zurich U.K. Made.”
The fine is the largest of its type ever imposed on a single company - and the company received a 30 per cent reduction for cooperating with the investigation.