27 September 2016


Retired Member

2,009Posts 6,490,274Views 2,284Comments
Information Security

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...


23 November 2010  |  4960 views  |  0

Ever clicked send on an email, and instantly regretted it? I think we’ve all been there – but perhaps not to the scale of one UBS employee this week, where a small error has created some rather significant repercussions.

Yes, this is the story of a UBS employee who inadvertently sent an email containing financial details of the then client General Motors’ to more than 100 people. Whoops!

GM have now pulled the plug on the deal – widely regarded as one of the largest currently in the market in an action that could end up costing the Swiss bank $10 million!

Now that’s what I call an own goal – and what a blow this is for the investment and wealth management bank’s reputation.

GM exposed the leak. So it’s safe to assume that once again the source of the data loss – UBS in this case – had no knowledge of the loss until a 3rd party mentioned it. This happens worryingly often. Not only are we losing data, but we aren’t aware when and where it’s gone!

Nick Lowe, head of Check Point’s Western Europe sales division commented: ‘We’ve all made this type of mistake at some point, either by choosing the wrong auto-fill email address, or selecting the wrong email distribution group.’

If we’ve all experienced this in the past, why aren’t we learning from our mistakes – especially with such important information? Yes it’s an accident, but GM has taken no sympathy in dropping UBS as chief underwriter – avoidable mistakes just do not wash with clients, particularly those spending these sorts of figures, and rightly so!

My sympathies go out to what many of you may believe to be the villain in this sorry episode – the ‘sender’. Such an easy to make error, may just have cost him his career. Why – because of UBS lazy and frankly inexcusable approach to client data security.

Where are company policies, protecting information of this nature, and their staff for that matter? A simple mistake caused by a lack of proper safeguards has resulted in one employees being the unfortunate, yet convenient fall guy for UBS.

Until all of us, not just UBS start properly protecting the data of ourselves, as well as clients – accidents and mistakes will happen. That's just a fact of life. Email compliance is not difficult to implement, yet 65% of all data leaks still occur by email, the majority of which are easily preventable.

$10 million loss of business, reputation dragged through the mud, I'm sure UBS will start taking email compliance seriously – does it really have to come to this before we will all sit up and take notice?

I will be interested to see if the Information Commissioner or the FSA have anything to say about this in the coming months.

TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)

Latest posts from Retired

Modelling fixed income: Why realtime analytics are key

29 July 2016  |  5140 views  |  0 comments | recomends Recommends 0 TagsPost-trade & ops

Who is looking after your cash?

22 June 2016  |  3177 views  |  0 comments | recomends Recommends 0

Content Marketing to promote your App

16 May 2016  |  6383 views  |  0 comments | recomends Recommends 1 TagsMobile & online

Crypto-Finance will transform financial services!

11 May 2016  |  2656 views  |  0 comments | recomends Recommends 4 TagsBlockchainPayments

Retired's profile

job title
member since 2014
Summary profile See full profile »

Retired's expertise

What Retired reads
Retired writes about

Who's commenting on Retired's posts

Graham Seel
Ketharaman Swaminathan
Gerard Hergenroeder
Konstantin Rabin
Matt Schofield
Anna Robert
Ian Davis
Steve Patel
Aparty Behera
Karim Maalouf