Santander leaks 22,600 account details

Banking giant Santander has apologised for issuing 22,600 statements which included the banking details of customer's other than the recipient's.

The Information Commissioner's Officer (ICO) has launched an investigation.

The printing error resulted in the second and third pages of the statements holding other people's information, which included the customer's name, account number and recent transactions.

Santander has informed the Financial Services Authority and confirms that it will be resending correct statements.

"Due to a technical error at our printers, a number of current account statements dated 18 December have printed incorrectly," said a Santander spokesperson.

"We are sorry for any inconvenience this has caused and have taken immediate steps to correct this. We want to reassure customers that the risk of fraud on their account has not been increased because of this error and that this is a one-off incident."

Santander outsources statement printing but the spokesperson was not willing to confirm which company made the error and insists it is the bank's responsibility.

The printing system resets after every 35,000 statements printed, which prevented 150,000 further statements from suffering the same glitch.

The ICO confirmed that it will be investigating the breach.

"We have recently been informed of a data breach involving Santander. We will be making enquiries into the circumstances of the apparent breach of the Data Protection Act before deciding what action, if any, needs to be taken," said an ICO spokesperson.

"Under the Data Protection Act, organisations that process personal information have an obligation to keep it secure; therefore, it is a matter of concern if information such as account details have been incorrectly provided to the wrong recipient," they added.

"Banks risk losing the confidence and trust of their customers if they fail to safeguard personal information. It is therefore in the interests of both the bank and the customer that this information is handled in line with the requirements of the Act."

Following a number of serious breaches in recent years, the ICO has toughened its stance and since April offeding companies face stiff penalties if found to be negligent.