A Freedom of Information request to the Information Commissioner's Office (ICO) has uncovered a 183% rise in reported Data Protection Act breach investigations within the UK financial services industry in the last two years.
The data, compiled at the request of encryption vendor Egress Software Technologies, shows that all of the UK’s major banks and lenders - including Barclays, HSBC, Lloyds Banking Group, NatWest, Nationwide and Santander - have reported multiple incidents to the ICO in the last two years.
In total, 791 incidents have been investigated since the start of 2013, with 585 breach reports filed in 2014 alone. Fines issued to the financial services sector by the ICO during this period have totaled £455,000.
Egress CEO Tony Pepper comments: “With planned reforms to EU General Data Protection Regulations, the financial services industry must take action now or risk falling foul of laws that could see much tougher penalties handed out for a data breach.”
The British Bankers’ Association has hit back at the Egress study, stating: “Our sector spends hundreds of millions of pounds protecting personal information, and it’s vital that misleading reports like this don’t undermine customer trust.
“The banks have a responsibility to send out reports when data has been accidentally compromised. In the majority of cases the ICO takes no action, either because the issues in question aren’t within their remit or because there has not actually been a breach. The increase in reports indicates that banks’ compliance checks are working effectively and breaches are being identified and reported.”