Bank of Ireland suffers email Data Breach

Wizuda blog - Bank of Ireland suffers email Data Breach

According to an Irish Times article 110 Bank of Ireland staff were affected by a data breach earlier this year where their pay and benefits were mistakenly circulated internally.

A spokesman for the bank confirmed the breach, stemming from the human resources department, where “information relating to some staff was inadvertently emailed to a number of senior managers last April.” The bank took steps to “ensure that there was no misuse of the information and the incident was reported to the Data Protection Commissioner”, he said.

Sources said that the salaries, pension and other benefits of 70 private banking staff and 40 employees in insurance and investments were accidentally sent by a human resources official to about 20 managers in the organisation. They were asked not to send the email and attached document further.

While the sender subsequently managed to recall the message from a number of recipients, others had opened and forwarded it on.

While the bank informed the Office of the Data Protection Commissioner immediately after the error was discovered, it decided not to inform the individuals whose information was circulated. It is believed that this decision was made on the basis that the bank had managed to contain the breach and that the document did not contain bank account details or information that could lead to a financial loss.

“The Data Protection Commissioner received a breach notification, in relation to the matter referred to, by Bank of Ireland on April 28th, 2017, under our Personal Data Security Breach Code of Practice,” a spokesman for the commissioner said.

The risk of such email data breaches can be significantly reduced with Wizuda’s Compliant File Share (CFS) solution. Additionally in cases where mail has been sent to the incorrect recipients, its retraction capabilities allows users to quickly and easily retract any data that was sent to the wrong recipient, while also giving full visibility over exactly who viewed and downloaded a file.

Wizuda’s CFS solution is an easy to use and secure alternative to email for file sharing. The secure and file sharing features along with a multitude of compliance features enables organisations to share files in accordance with the GDPR requirements. These features include:

  • Authorisation workflow reporting ensures any high-risk files are approved prior to sharing. While simple customisable impact assessment tick boxes give users the ability to request extra approvals based on the determined risk level.
  • Anonymisation and Pseudonymisation quickly and easily removes personally identifiable information.
  • File viewer options gives users the ability to restrict access to view only, apply watermarks of give full download capability. By implementing this feature in the Bank of Ireland situation, those employees who received the email, may not have been given the opportunity to download the attached file.

With only six months left until the GDPR comes info force, Wizuda are seeing more and more companies looking to CFS to avoid costly data breaches. To learn more about Wizuda’s CFS solution, click here

To read more about the Bank of Ireland data breach,click here.

the challenge - wizuda case studies

The board of a multinational medical device organisation required a secure, cloud-based solution which facilitated virtual board member collaboration on key documents in preparation for monthly board meetings.

The documentation was regularly of a highly commercially sensitive nature, largely relating to ongoing clinical trials, and as such demanded a secure and encrypted platform which could be implemented without the engagement of internal IT resources.

Key challenges that need to be  considered:

  • Geographically dispersed stakeholders
  • Highly commercially sensitive documentation
  • No internal IT involvement
  • Multiple stakeholders required to collaborate on
    single documents
the solution- wizuda case studies

Wizuda MFT gave them a centralised view of all their file transfer activities and a network overview of the data flows. IT now had instantly available reporting and could provide geographic maps and network overviews to senior management of all file transfer activities in the organisation. These could also be categorised in ways that made sense for the business from a priorities perspective. Wizuda’s unique ‘Health Check’ dashboard with automated monitoring and alerts, allowed them to manage all transfer operations proactively and ensured they were always on top of any issues.

From a GDPR compliance perspective, transfers could be linked to Data Protection Impact Assessments were required and data could be anonymised as part of the transfer process. Wizuda MFT enabled them to apply the latest security protocols for file transfers and encrypt data at rest and in transit. Passing cyber-security and GDPR compliance audits became a lot easier.

About Wizuda

Developing IT Solutions to Make Businesses Better

At Wizuda we focus on developing IT solutions which help businesses grow and empower people to collaborate and stay connected securely and compliantly. Specialists in secure data transfer since 2001, all development and support operations are carried out from our two Irish 

offices located in Dublin (Wizuda Headquarters) and Limerick. We pride ourselves in developing software solutions that allow organisations to take back control of their file transfer and data sharing operations, enabling them to operate efficiently, securely and compliantly

Quick Contact