Zurich UK has been fined a record £2.27 million for losing customer personal data

The Financial Services Authority (FSA) has fined the UK operation of Zurich Insurance £2.27million for losing the personal details of 46,000 customers.

According to the FSA, this fine is the highest to be levied on a single firm to date for data security failings.

The fine has been given for failing to have adequate systems and controls in place to prevent the loss of customers’ confidential information. The data lost included identity details, and in some cases bank account and credit card information.

The FSA claim the loss of such data could have had severely detrimental effects on the customers and could have possibly led to financial crime.

Zurich lost the data during a routine transfer to a data storage centre in August 2008. As there were no proper reporting lines instated at the time, the insurance firm did not learn about the incident until a year after it had taken place.

Margaret Cole, FSA Director of Enforcement and Financial Crime, said: “Zurich UK let its customers down badly.

“It failed to oversee the outsourcing arrangement effectively and did not have full control over the data being processed by Zurich SA. To make matters worse, Zurich UK was oblivious to the data loss incident until a year later.”

Zurich UK has admitted that the incident was unacceptable.

Mrs Cole added: “Firms across the financial sector would do well to look at the details of this case and learn from the mistakes that Zurich UK made.