Bank of Ireland admit to another 21,500 stolen account details

RATM

Just on the 6 o'clock news now. They said it was 10,000 last week, now they've admitted its 31,500, will probably be double that by the end of the week.
Im closing my account down tomorrow, after years of pissing me off Im finally going to get up off my lazy ass and shut it down

Sherifu

AIB customer \o/

Abi

RATM wrote: »

Im closing my account down tomorrow, after years of pissing me off Im finally going to get up off my lazy ass and shut it down

I've already set up camp elsewhere, just need to pay off the last of my over-giraffe and then Im dust.


Farce of a bank. Wtf is it with sh.it goin missing lately?

Wasnt the social welfare hit recently too? Fuggin joke.

kerash

How do they manage to lose all their laptops and sh1t, thats what i wanna know, they shoud be shot.

Rb

Sherifu wrote: »

AIB customer \o/

*high five*


Love how BOI are trying to downplay the whole thing though, firstly admitting that thousands of peoples "sensitive data" (their words, not mine) was stolen and then saying the risk of fraud is minute. Yeah fcking right.

It's a pity because they're a pretty good bank and this is going to do an enormous amount of damage to them.

boardsie08

The data that was stolen - did that only pertain to BOI customers in Dublin, or was it a nationwide thing whereby ALL BOI customers could potentially be affected??

Rb

boardsie08 wrote: »

The data that was stolen - did that only pertain to BOI customers in Dublin, or was it a nationwide thing whereby ALL BOI customers could potentially be affected??

Didn't see it specified on the news, you should ring and ask if you're worried. If they say it'll only affect Dublin customers make sure to get it in writing.

Thrill

I'm thanking my lucky stars that I don't bank with them either. I can see their phones ringing off the hook for the next few days with angry and concerned costumers wanting to know if they were one of those whose details are out there in the hands of God knows who.

jgalvin

boardsie08 wrote: »

The data that was stolen - did that only pertain to BOI customers in Dublin, or was it a nationwide thing whereby ALL BOI customers could potentially be affected??

According to BOI, initially it affected some customers who obtained a quote or took out a life assurance policy at one of these branches:

• Drogheda
• Dunleer
• Bagnelstown
• Court Place Carlow
• Stephens Green
• Tallaght
• Montrose

Now they have admitted that 29 branches have been affected - from RTE:

The new branches identified are Bray, Ardee, Arva, Ashbourne, Athboy, Cavan, Bailieborough, Cootehill, Kingscourt Ballybay, Dunboyne, Carrickmacross and Ballyjamesduff,

Other branches are Oldcastle, Kells, Navan, Trim, Kill O' The Grange, Blackrock, Dún Laoghaire, Talbot Street and Greystones.

It could be much worse, we don't know. And I don't think the AIB guys should be so smug - without no mandatory disclosure laws in Ireland, banks and other institutions are not required by law to publicise breaches like these. Wouldn't surprise me if somebody has a collection of AIB laptops with our details too.

Wertz

boardsie08 wrote: »

The data that was stolen - did that only pertain to BOI customers in Dublin, or was it a nationwide thing whereby ALL BOI customers could potentially be affected??

Well in the initial release of 10,000 account holders, they were spread out round the country and it was apparentl,y only customers of BoI's life assurance products...being a BoI customer for years, I'm weighing up my options about keeping my account with them. I'm paranoid to the point of obsession about ID theft...so when the bank I lodge thousand sto each year can't be arsed to take the precautionary measures that I take as an individual, it doesn't instill confidence.

I'd like to know why they didn't come out with this back when it happened, if not to the customer then at least to the regulators....chances are high that the laptop thefts were petty thieves taking an opportunity and that the data got formatted off the drives....but honestly, who really knows? Where the hell are all these laptops being stolen from, and why are people's details on there in a readable format? I mean you can encrypt things pretty easily these days....but that's not the point. WHY are sensitive deatils even requuired to be on individual employee's laptops, when they could just be stored on a server and accessed as required??

Rb

Wertz wrote: »

WHY are sensitive deatils even requuired to be on individual employee's laptops, when they could just be stored on a server and accessed as required??

Laziness.

Wertz

I'd have to agree. That and possible ineptitude...so much easier to just get someone from IT to put all your homework on the lappy, rather than messing about with VPNs and log ins, in the evening...

I don't like the locations released in the 2nd wave of branches...an awful lot of them around my neck of the woods. Wouldn't be any surprise if Dundalk popped up in that list

Dord

AIB ftw!!

stepbar

rb_ie wrote: »

Laziness.

+1. Costcutting, laziness whatever you want to call it.

I was told that the reason why such information is downloaded the laptops is because "sometimes" the lads from BOI Life have to visit customer's homes and need to access information. I nearly choked with horror. Mobile broadband :rolleyes: Amateurish stuff TBH.

The only plus out of this is that BOI have said that all people affected will be refunded if they're the victim of fraud. And...... I'd hope people involved are compensated as well....

In all the PR exercise has worked a treat LOL As Dunphy said once - "A shambles, an utter shambles".

Toto Wolfcastle

There was some guy on Drivetime on Radio 1 today who, as well as mumbling a whole lot of nothing, said that they did not tell the public initially because they did not want the people who have the information to realise just how sensitive it is.

stepbar

janeybabe wrote: »

There was some guy on Drivetime on Radio 1 today who, as well as mumbling a whole lot of nothing, said that they did not tell the public initially because they did not want the people who have the information to realise just how sensitive it is.

He meant to say that they thought they would get away with it...... Typical :rolleyes:

Toto Wolfcastle

stepbar wrote: »

He meant to say that they thought they would get away with it...... Typical :rolleyes:

Probably! The excuse on Drivetime was woeful though. Did they not think someone would find out at some stage and that they'd look bad for hiding it? Did they not think that the people who have the laptops might be able to figure it out for themselves if they really wanted to do anything with the information?

And most importantly, why the hell do people keep losing laptops or leaving them unattended where they can be stolen? It's a freaking laptop with sensitive information on it. My laptop has no sensitive information on it and you can be damn sure that I keep an eye on the thing.

Wertz

It could be just through house burglary or theft from cars, it's only four laptops...once it's just random theft for the hardware and wasn't targetted at specific bank employees for the data.

Toto Wolfcastle

Wertz wrote: »

It could be just through house burglary or theft from cars, it's only four laptops...once it's just random theft for the hardware and wasn't targetted at specific bank employees for the data.

Of course, but it has been happening all too often lately. Perhaps it's time for people to realise that sending sensitive information out into the world on a laptop, which is something that is targetted by burglers, is not a good idea.

Donald-Duck

stepbar wrote: »

+1. Costcutting, laziness whatever you want to call it.

I was told that the reason why such information is downloaded the laptops is because "sometimes" the lads from BOI Life have to visit customer's homes and need to access information. I nearly choked with horror. Mobile broadband :rolleyes: Amateurish stuff TBH.

Because wireless broadband is so secure. The odds are it was stolen for being a laptop, in that case, whoever stole it, won't know how to get any of the data off it.

Sherifu

We need self destructing laptops.

Wertz

I agree 100%....who knows what kind of stuff is out there on portable devices that are the target of thieves, which is why it should be either centrally and securely stored for read access, or properly encrypted/locked. I'd like to think that the 4 laptops in question were at least password protected and when the stuff couldn't be accessed they just installed an OS or sold it someone who did...

stepbar

Donald-Duck wrote: »

Because wireless broadband is so secure. The odds are it was stolen for being a laptop, in that case, whoever stole it, won't know how to get any of the data off it.

If you read my msg you would have seen that they download customer information to the laptops because they need to be able to access it whilst out and about. The information should have been kept centrally and mobile broadband / vpn's used to access it. TBH it's a damm sight more secure than carrying round the entire BOI life database on a laptop.

the_syco

RATM wrote: »

Just on the 6 o'clock news now. They said it was 10,000 last week, now they've admitted its 31,500, will probably be double that by the end of the week.

You talking about the laptop that went missing LAST MONTH but which they told no-one about, till someone copped on about it?

Toto Wolfcastle

Wertz wrote: »

I agree 100%....who knows what kind of stuff is out there on portable devices that are the target of thieves, which is why it should be either centrally and securely stored for read access, or properly encrypted/locked. I'd like to think that the 4 laptops in question were at least password protected and when the stuff couldn't be accessed they just installed an OS or sold it someone who did...

Couldn't have said it better myself!

stepbar

Wertz wrote: »

I agree 100%....who knows what kind of stuff is out there on portable devices that are the target of thieves, which is why it should be either centrally and securely stored for read access, or properly encrypted/locked. I'd like to think that the 4 laptops in question were at least password protected and when the stuff couldn't be accessed they just installed an OS or sold it someone who did...

I'd say there's a good chance that the laptops are sitting pretty in someone's living room now. I don't think the laptop's were stole to order but that being said one was stolen from a branch..... The rest were stolen from cars. I'd say the chances that the laptops fell into wrong hands are slim but none the less it doesn't make it one less bit serious.

Donald-Duck

Wertz wrote: »

I agree 100%....who knows what kind of stuff is out there on portable devices that are the target of thieves, which is why it should be either centrally and securely stored for read access, or properly encrypted/locked. I'd like to think that the 4 laptops in question were at least password protected and when the stuff couldn't be accessed they just installed an OS or sold it someone who did...

It would be encryped. Wouldn't be even able to boot the laptop with that hard drive in it without a password.

star-pants

It's a bit mental how all this info is being 'stolen' - social service stuff in England wasn't it? And AIB breach, and BOI laptops etc..
And AIB isn't any better than BOI - sure didn't last year they send out thousands of statements to all the wrong houses? (IIRC)

But I assume there has to be a lot of encryption on the laptops no?

Wertz

I would already have assumed so since it's nearly at the level of consumer technology....but why then all the fuss?
Apart from the obvious bit about not coming forward with news of the thefts, if the data is safe (depending on level of encyrption) then it doesn't matter about the thieves knowing what they have or not, so why not come forward and admit what happened? Trying to hide it just alarms people more and makes it look worse...

star-pants

That's the thing - wasn't some of this stuff missing since last year? why wait till now? Is it they'd hoped to find it and not have to alarm people? but then after a certain amount of time they're told they have to tell the customers/public?

stepbar

star-pants wrote: »

That's the thing - wasn't some of this stuff missing since last year? why wait till now? Is it they'd hoped to find it and not have to alarm people? but then after a certain amount of time they're told they have to tell the customers/public?

I'd say it was more like someone leaving a nice parting present to the bank.....