BreachExchange mailing list archives
UK’s biggest pub chain Greene King accidentally leaks bank details of 2,000 staff in email
From: Inga Goddijn <inga () riskbasedsecurity com>
Date: Wed, 30 Nov 2016 16:59:10 -0600
https://www.thesun.co.uk/news/2290843/uks-biggest-pub-chain-greene-king-accidentally-leaks-bank-details-of-2000-staff-in-email/ Greene King offered one year's identity theft alert as compensation but angered staff say it's not good enough. THE UK’s largest pub retailer and brewer have been forced to apologise to its staff after accidentally leaking their personal bank details. Members of the Greene King’s payroll department sent an email to managed pubs notifying them of a HMRC error and explaining how they would fix it. But the e-mail, sent on Thursday, contained a list of over 2,000 bank account numbers and sort codes for some staff. Realising their data breach management at the Cardiff branch, where the email is believed to have been sent from, quickly began handing out letters informing and apologising to staff for their error. Under the heading ‘briefing points for discussion with affected team members’, the letter read: “I’m contacting you to let you know that unfortunately Greene King has identified a data breach as part of a communication that was sent to pub computers yesterday explaining that HMRC had made an error in the calculation of tax codes for some people ahead of pay day today. “The e-mail contained an attachment which included bank account details of some of our team members and I’m sorry to tell you that your name, account number and sort code were included in the list.” The pub then told staff to “keep a close eye on your bank account over the coming days and notify your bank should you see any suspicious activity.” After discovering their mistake, Greene King, who has now launched a full investigation, said their IT team worked through the night to delete the e-mails from inboxes. To compensate their staff, the retailer, who described the incident as “totally unacceptable” offered staff affected the option to have a 12 month subscription to an identity theft alert scheme, paid for by Greene King. But one angry worker at the Cardiff office, said: “Their offer of compensation was laughable. “People could end up losing lots of money over this if their details have got into the wrong hands. “That e-mail would have gone to so many different managed pubs, it’s a scary thought if your name and bank account details are on it. “I know they said the IT department are deleting things and overriding computers, but what if someone printed the e-mail out, there’s no way to stop it then. “It’s a human error, but to be honest it’s a massive one, and we’re not happy about it.” Signing off the apology letter, they said: “On behalf of Greene King I would like to say again that we are very sorry that this has happened and please be assured that the business is committed to doing all it can to put it right as soon as possible.” The mistake is not believed to have contained any other information linking the details back to the person involved, such as their National Insurance number or home address. A spokesman for Greene King said: “On Thursday night we discovered the bank account number and sort code details for just over 2,000 of our 44,000 team members were emailed in error to a number of our pubs earlier in the evening as part of a communication about an HMRC tax code error.
_______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- UK’s biggest pub chain Greene King accidentally leaks bank details of 2,000 staff in email Inga Goddijn (Dec 01)