Your Oxford
Get involved: send your photos, videos, news & views by texting 'OXFORD NEWS' to 80360 or email »
'No action' fear over bank data
6:26pm Thursday 28th August 2008
An Oxford University IT manager who inadvertently bought a computer containing a million people's bank details from Internet auction site ebay fears the whole matter will be "swept under the carpet".
Andrew Chapman sparked a nationwide security alert when he discovered the financial details on a computer server he bought from the website.
Names, addresses, bank details, sort codes, phone numbers, mothers' maiden names and signatures were found on one of two servers he bought for £71.77 from an ex-employee of electronic data storage company Graphic Data.
The Information Commissioner's Office, the UK's independent information watchdog, has vowed to investigate the matter urgently.
But the 56-year-old, from Seacourt Road, Botley, said the Commisioner had not accepted his offer to hand in the server so officials could examine it.
Mr Chapman said: "What I hope doesn't happen is that Graphic Data say it was all a regrettable one-off and the Information Commissioner's Office does nothing.
"I think it will be swept under the carpet, because the ICO has no powers to do anything."
The server contained information about American Express, NatWest Bank and Royal Bank of Scotland customers.
Mr Chapman said he stalled Graphic Data's attempts to get the computer back until he spoke to an ICO investigator, who made no commitment to take hold of the server.
He later exchanged phone calls with Essex-based Graphic Data and also received an email, which told him the server was stolen, so he decided to return it.
It has since emerged that it had not been stolen.
He was instructed to hand the hardware back to an employee in a black Audi - and even told check the registration of the car before giving the computer equipment back on Tuesday evening.
An ICO spokesman said investigators were more concerned with the circumstances leading to the data being leaked than getting hold of the equipment itself.
She said: "We're very concerned about the data breach. It is still very much an active investigation."
She added the ICO had the power to issue enforcement notices and prosecute if it found evidence the Data Protection Act had been breached.
But Mr Chapman said: "I think the present laws are completely ineffective."
Your Say YourOxford
Keith Appleyard, says...
10:39pm Thu 28 Aug 08
oxfordman, oxford says...
11:00pm Thu 28 Aug 08
erik, oxford says...
9:20am Fri 29 Aug 08
Ray, oxford says...
10:44am Fri 29 Aug 08
Jock, Headington says...
10:25pm Fri 29 Aug 08
At least it's more remedy than you can expect when the government gives away details on 25 million of us. If we always rely on the "authorities" to "do something" the message is not going to get through to the organizations that keep such data. Sue the **** off them. But that's presumably not an option now unless Mr Chapman also managed to make copies of the data before handing them back.
I am quite sure these days there would have been law firms falling over themselves for that kind of class action business.
Your sayYourOxford
Add your comment
Register for a FREE Oxford Mail account and you can have your say on today's news and sport by adding comments on articles we publish. The best comments may even get published in the paper.
Please register now or sign in below to continue.
In this section
- City gets set to blitz litter
- Spaniel rescued from frozen pond
- Lord Mayor praises Poppy Appeal team
- Heater causes fire
- Winter benefits relieve chill
- Scream heard before woman's death
- Princess visits farms event
- Airport express route on cards
- Police follow up robberies leads
- John Lewis ‘committed to scheme’
Sponsored Links
Local Advertisers
Local Information
Enter your postcode, town or place name
Andrew, Oxford says...
9:32pm Thu 28 Aug 08
The investigation has to be undertaken properly - the ICO cannot simply jump up and down, finger point and pass out a £1m fine.