Bank of Ireland Fined €463,000 Over Data Breaches
Bank of Ireland has been fined €463,000 by the Data Protection Commission (DPC) for a number of data breaches from November 2018 to June 2019 affecting customer personal information.
The DPC said it investigated the series of data breaches made by the bank, which impacted more than 50,000 customers.
The notifications concern the corruption of information in the Bank of Ireland’s data feed to the Central Credit Register (CCR), a system that stores loan information.
The bank was fined for the breaches and the delays in communicating with affected customers.
The DPC said that 19 of the reported incidents constitute breaches under the General Data Protection Regulation (GDPR).
In addition to the €463,000 in fines, the DPC issued Bank of Ireland a reprimand and has ordered it to bring its processing into compliance with data protection regulations.
A bank statement said: “Bank of Ireland fully acknowledges, and sincerely apologises for, these breaches. The Bank takes its regulatory and compliance obligations very seriously and regrets that it has fallen short in this way.”
Bank of Ireland said it notified all affected customers and had rectified the inaccurate information reported to the CCR in all but 20 cases, which will be corrected shortly.