board gais stolen laptops

calex71

That was the 1st thing that crossed my mind what I heard about this too.

madmik

jimmycrackcorm wrote: »

Ironically the situation would be much better if nothing had been published at all. I mean, if you stole a laptop or received one such, would you trawl through thousands of files looking for possible bank account details? Now anyone who has gotten a dodgy laptop that hasn't been wiped will start looking....

the majority of people are probably worrying over nothing

most people who buy a stolen laptop for €50 or €100 will likey delete everything or clean install anyway to make room for their mp3 or porn collection

people are guessing this was stolen was a powerful international criminal gang etc but it couuld have stolen by an opportunist junkie just looking for his next fix

foggy_lad

jimmycrackcorm wrote: »

Ironically the situation would be much better if nothing had been published at all. I mean, if you stole a laptop or received one such, would you trawl through thousands of files looking for possible bank account details? Now anyone who has gotten a dodgy laptop that hasn't been wiped will start looking....

but to delay providing the information to the point where the regulator must take action is disgraceful by bord gais, had the regulator not stepped in people would probably never have heard about this, it appears they wanted it to just go away.

madmik wrote: »

the majority of people are probably worrying over nothing

will you guarantee peoples bank accounts in case there is something to worry about?

most people who buy a stolen laptop for €50 or €100 will likey delete everything or clean install anyway to make room for their mp3 or porn collection

quite possibly but they might also check if there is something on it that might be worth more! like banking details of maybe the individual that owned/used the laptop

people are guessing this was stolen was a powerful international criminal gang etc but it couuld have stolen by an opportunist junkie just looking for his next fix

or could have been an international criminal gang that thought the banking details of 75.000 people was worth the risk!

madmik

foggy_lad wrote: »

but to delay providing the information to the point where the regulator must take action is disgraceful by bord gais, had the regulator not stepped in people would probably never have heard about this, it appears they wanted it to just go away.

will you guarantee peoples bank accounts in case there is something to worry about?

quite possibly but they might also check if there is something on it that might be worth more! like banking details of maybe the individual that owned/used the laptop

or could have been an international criminal gang that thought the banking details of 75.000 people was worth the risk!

the bank will refund in the event of fraudulant transactions,its stated in the direct debit guarantee that if a company debits

besides,how would an international crime gang know Bord gais would have should crappy security ?

its beyond belief that EVERY one of the possible safety precautions wasnt in place

zg3409

Dear Mr xxx,

I wish to refer to your email received in this Office in relation to the loss of a laptop by an Bord Gais containing customer information. An investigation has been launched into the circumstances surrounding the incident. This will seek to establish the security procedures that were in place at the time of the incident and will make recommendations, as appropriate, in relation to future security procedures and any other issues to ensure that the company is complying with its data protection obligations to keep personal information in its possession secure.

In relation to your bank details, there would appear to be a low risk that your bank details will fall into the wrong hands and be used to fraudulently access your account. We also understand that Bord Gais Energy has made direct contact with banks and provided the details of those accounts contained on the laptop. In those circumstances we would recommend that you also make direct contact with your bank and inform them of the incident. Your bank will be able to undertake extra checks on your account to attempt to minimise the risk of fraudulent use. It would be useful for you to also check transactions on your account, if you are in a position to do so, as you are best placed to identify any suspicious activity. Regarding the loss of your personal data, should it transpire that you are affected, you have the right to make a written complaint into our Office which we will investigate on your behalf.

If a complaint is received we will keep you up to date with any developments in relation to it. Our approach to complaints, as provided under the Acts is to try to reach an amicable resolution to the matter which is the subject of the complaint. In cases where it is not possible to reach an amicable resolution, a complainant may ask the Commissioner to make a formal decision under Section 10 of the Acts as to whether a contravention has occurred. However, the Commissioner does not have a power to award compensation. Data controllers are liable under Section 7 of the Acts to an individual for damages in the Courts if they fail to observe the duty of care they owe in relation to personal data in their possession.

It is a matter for any individual who feels s/he may have suffered damage from a contravention by a data controller of its data protection responsibilities to take legal advice as appropriate. This Office has no function in the taking of any such proceedings under this Section or in the giving of any such legal advice. Regards

---

Also from listening to the radio I undertand that it was company policy to use encrypted laptops but as they were overwhelmed with new customers, 'somebeody' purchased laptops out of the normal procedures, which did not have encryption.

---

The dataprotection commissioner should be taking them to court but the law seems to suggest the individuals need to do it themselves

So basically if I want compensation for fear and disturbance I must go get legal advice. If we got 1 euro per customer who was disturbed then it would be worth while. Anyone interested in taking a group action??

madmik

that
s
a ba
d

cop
y and
past
e job

parsi

This is a shocking event. What's worse is I expect that it's far from an isolated incident because it seems that nobody really cares about _your_data. This makes the headline because its a big company and a large number of accounts. How often do we hear of the small shop losing their card machines or smaller-scale theft of data ? Is that in some way less important ?

However in the light of the shrill calls for head to roll and folk to be fired I would ask how many people make the effort to protect their own data ?

How many folk burn their bank statements and how many just chuck them in the bin ?

How many folk check their statements regularly ? How many have complained when CC-companies have stopped cards temporarily because of suspicious activity ?

How many people will blindly click on a link that they'll get in an email purporting to be from Bord Gais or their bank asking for info ?

If we don't look after our own data then we can't expect others to do it for us.

discostu1

I am of the opinion that this was just an opportunistic thief, however a friend of mine has exactly the opposite view point. His logic runs thus.
4 Laptops are stolen, one of which has what is agreed by most people to be highly valuable customer information,all BGE laptops are encrypted EXCEPT this one.my mate believes the laws of coincidence dont stretch that far
He believes the data is now in the hands of some dodgy types
His belief is that nothing will move from anyone bank accounts for around 6 months and that slowly the data involved will be used to syphon off small amounts of money.
I hope I am right and these are just his thoughts
I was on to my bank today about something else and mentioned my BGE account they tell me (And who nowadays believes anything their bank tells them) that they have had no contact from BGE and as of now if I have any queries worries talk to BGE

mymo

Asked in my bank today, was told by very nice lady that she's in the same boat, their info was that bge was writing to all affected customers on 19th june(today) and too expect letter early next week. Also said there's not a lot they can do with details but to watch my account in the meantime, until they know more.

jimmycrackcorm

We're obliged to take our laptops home in the evenings. I think that gives a much greater chance of them being stolen in a break-in.

alexmcred

Got the letter off them this morning confirming my deatils were on the laptop. Is it just me or should BGE be giving their customers a bit more than a worthless apology?

KTRIC

Tags edited

MOH

parsi wrote: »

However in the light of the shrill calls for head to roll and folk to be fired I would ask how many people make the effort to protect their own data ?

How many folk burn their bank statements and how many just chuck them in the bin ?

How many folk check their statements regularly ? How many have complained when CC-companies have stopped cards temporarily because of suspicious activity ?

How many people will blindly click on a link that they'll get in an email purporting to be from Bord Gais or their bank asking for info ?

If we don't look after our own data then we can't expect others to do it for us.

I do look after my data. Which makes me all the more angry that these muppets have given it away.

discostu1

I was just having lunch and glancing at the newspapers, on the front page of the Daily Mail (I know, I know its the Daily Mail) there is a story saying that it wasnt 75k customers details IT WAS 140K, they also say that something like 12k credit card details including the 3 digit code at the back of the card and everyones date of birth are also on the laptop.
Now this could be total lies in which case I would expect BGE to roll out Johnny Mullins to confirm same, or it is true. If it is true I am starting to get worried. I cant find a link to the story on line and I only did a bit of speed reading but those are " the facts" as reported by the Mail.

kmcgraphics.com

stumbled upon this today...............................

amoebaassasin

horse7 wrote: »

looks like i,ll have to close my bank account,and all my direct debits,and restart all my direct debits in a new account,due to account details been stolen from boadr gais.

i just spoke to my bank and they advised me to do the same thing... Big pain in the A to do this... i think Bord Gais should be made to reimburse in some way. I really want to cancel my contract with them but I already paid the 100€ deposit - which I paid by cc - I wonder are credit card details also on that laptop?

Scottie99

Stekelly wrote: »

and yet people managed to shop for years with cheques.

Every cheque had the account number and sort code plus the persons name (and a copy of their signature) . A lot of places took contact details too. details


People nowadays have this belief that once someone gets a hold of your 8 digit account number, they have the keys to your life.

http://news.bbc.co.uk/2/hi/entertainment/7174760.stm

Mickelodian

Fnergg wrote: »

It's nothing to do with compatibility issues. It's all down to Bord Gais' (private sector) outsourced contact centre Conduit being unable to cope with the level of applications received. There is no issue from the ESB side.

Hmmm.. so that means that the info is entered into the system and ESB can in fact process these DIRECT over a few days... but this conduit comapny do what...take the info down on paper with a pen?

the way I understand this is that there is in fact a direct switching technology so that if I want to switch to Airtricity tomorrow then by wednesday next week its completed...

So why can't Bord Gas do the same. Admittedly I haven't switched yet... however I asked around my neighbours and friends who did.. on facebook etc.

The bottom line is the two semi states take a month or more... Airticity takes less than a working week... Now that would mean that the compatability with the changing system that Airtricity seem to have... Bord Gas simply do not have... How that come to be... I don't know... and since I'd only be a changing customer... I don't care!

Mickelodian

amoebaassasin wrote: »

i just spoke to my bank and they advised me to do the same thing... Big pain in the A to do this... i think Bord Gais should be made to reimburse in some way. I really want to cancel my contract with them but I already paid the 100€ deposit - which I paid by cc - I wonder are credit card details also on that laptop?

That's in fact what I feared ...that payment would have been made by new customers in advance with their CC details... forget about your credit card cos no doubt Bord Gas also left the CCV numbers on the laptops too... if so then you can get your money back... in full... and Bord Gas would be in REAL TROUBLE

Banks and CC companies take a massively dim view of companies who store CCV numbers. Bord Gas's merchant account should be suspended right now... they are total planks if they let this happen and cannot be trusted with customers details.

discostu1

HSBC fined £3.2 million for losing details of thousands of customers THREE times

HSBC has been hit with three fines totalling £3.2million after losing the details of thousands of customers in the post and putting them at risk of identity fraud.
HSBC Life lost an unencrypted CD with the details of 180,000 policy holders, while HSBC Actuaries lost a disc with data on almost 2,000 pension scheme members, the Financial Services Authority (FSA) said.
HSBC Insurance was also fined by the FSA.

Fines of this order would make ALL our dozzy utilites wake up. Didnt Airtricity lose details a few months ago

Read more: http://www.dailymail.co.uk/news/article-1201377/HSBC-fined-3-2-million-losing-details-thousands-customers-THREE-times.html#ixzz0M17dlfRc



http://www.dailymail.co.uk/news/article-1201377/HSBC-fined-3-2-million-losing-details-thousands-customers-THREE-times.html