/regulation & compliance

News and resources on regulation, compliance, legal and governance issues for banks and fintechs.

Bank of Ireland fined over data breaches

Bank of Ireland has been fined €463,000 by the Data Protection Commission for a series of data breaches affecting customer personal information.

  0 Be the first to comment

Bank of Ireland fined over data breaches

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

The DPC says it investigated 22 personal data breach notifications made by the bank between November 2018 and June 2019, affecting more than 50,000 customers.

The notifications related to the corruption of information in Bank of Ireland’s data feed to the Central Credit Register (CCR), a centralised system that collects and securely stores information about loans.

The problem led to some unauthorised disclosures of personal data as well as accidental alterations of data on the CCR.

The DPC says it has concluded that 19 of the reported incidents count as breaches under the General Data Protection Regulation (GDPR).

The bank has been fined not only for the breaches but for delays in communicating with the affected customers. The DPC has also ordered corrective action.

Says a bank statement: "Bank of Ireland fully acknowledges, and sincerely apologises for, these breaches. The Bank takes its regulatory and compliance obligations very seriously and regrets that it has fallen short in this way."

This is not the first fine Bank of Ireland has faced in recent times. In December, it was hit with a €24.5 million fine by the central bank over IT deficiencies that took over a decade to fix.

Sponsored [Webinar] PREDICT 2025: The Future of AI in the US

Comments: (0)

[On-Demand Webinar] Exploring the ethics of AI in bankingFinextra Promoted[On-Demand Webinar] Exploring the ethics of AI in banking