Seeking Alpha

Stolen Barclays' client data sold in "worst data breach ever"

  • A stolen database of 27,000 Barclays (BCS) client files has been sold to unscrupulous dealers who are using the information to pressure investors into scams, Mail Online reports.
  • Leaked client data includes earnings, savings, mortgages, health issues, insurance policies, passport and national insurance numbers, and personal data such as clients' hobbies.
  • The loss may be a breach of BCS' obligation under the Data Protection Act to keep personal information secure.
  • Barclays says it will take all necessary steps to contact and advise affected customers as soon as possible.  
Comments (30)
  • CarefulStudy
    , contributor
    Comments (39) | Send Message
     
    Bizarre. I assume it should be extremely difficult to hack high net worth banking profiles ... and yet it has happened. So if Barclays can't keep their own clients data safe, I suppose that my own credit union is hopeless ... lol.

     

    Wonder if LOCK, EFX, FEYE, PANW, PFPT ZIXI, IMPV will rally tomorrow?
    9 Feb, 06:42 AM Reply Like
  • june1234
    , contributor
    Comments (2489) | Send Message
     
    Was thinking same thing .Unlike target thats a lot of people with the pockets and lawyers to contact back Barclays where it hurts
    9 Feb, 07:08 AM Reply Like
  • scabalqu
    , contributor
    Comments (264) | Send Message
     
    It was Barclay's own arrogance, carelessness and hubris that allowed this to happen.

     

    Also, Barclay's penny-pinching IT department also prevented necessary security upgrades to occur on a timely manner.

     

    Of course, Barclay will place the blame somewhere else instead of fixing the existing security problems within their systems. This problem will be swept under the rug and they will make a deal with the Feds to "downplay" the security breach.

     

    Hahaha!
    9 Feb, 03:13 PM Reply Like
  • Derek A. Barrett
    , contributor
    Comments (3534) | Send Message
     
    Guys I will say it is extremely easy to steal anything. It's just how determined the attacker is. You would be surprised at some of the lax security protocols even at huge companies with plenty of resources to solve these problems.
    `
    The best thing you can do is put up multiple layers of defense so the attackers get bored and move on to a softer target. Make sure EVERYTHING is being logged so you know who was the last one accessing sensitive info.
    `
    However the bigger threat is someone on the inside who has gone rogue or disgruntled, or lack of processes to control sensitive information. It doesn't matter how good your technology defense is if someone gets social engineered and gives out a password.
    `
    Get a security auditor to attack your company and then tell you how they broke it. The days of "oh that will never happen to us," are long gone.
    `
    It's not a matter of IF someone is going to attack, it's a matter of WHEN.
    `
    As scabalqu noted, there was probably some penny pinching going on here. IT is not a profit center, it is a cost center, and security is viewed as a "nice to have," so is often never taken seriously because of the lack of ROI.
    9 Feb, 03:54 PM Reply Like
  • Good Captain
    , contributor
    Comments (454) | Send Message
     
    If that's their response, Barclay stands to be the biggest loser here.
    9 Feb, 04:08 PM Reply Like
  • Topcat
    , contributor
    Comments (412) | Send Message
     
    You know all this, how? Links please...thanks
    9 Feb, 05:15 PM Reply Like
  • omarbradley
    , contributor
    Comments (966) | Send Message
     
    actually they can "contact the hackers" and nail gun them if they want apparently.
    9 Feb, 05:22 PM Reply Like
  • omarbradley
    , contributor
    Comments (966) | Send Message
     
    "with no fear of a counter attack" apparently.
    9 Feb, 05:23 PM Reply Like
  • Hoxsie454
    , contributor
    Comments (9) | Send Message
     
    Actually, I think small financial institutions are likely safer than the large ones. The small offices are not targeted because it isn't as attractive a target. Also any hack is more likely to be discovered faster because management is close to the action, not hundreds of miles away in the top of a skyscraper in NYC. Think small!
    11 Feb, 12:24 AM Reply Like
  • Agbug
    , contributor
    Comments (1084) | Send Message
     
    The linked story doesn't say how the data was obtained, so it's not necessarily a hacked database, but maybe just stolen by sneaker net.

     

    Remove the taxpayer ID type data from the files and it's the type of information corporations collect and buy and sell on the average US consumer as a regular transaction. It's as if the story is describing a core part of Google's business model.
    9 Feb, 09:07 AM Reply Like
  • Derek A. Barrett
    , contributor
    Comments (3534) | Send Message
     
    "It's as if the story is describing a core part of Google's business model. "
    `
    LOL
    `
    Such a great point. There are probably for-profit data-miners out there that will sell this information anyway, and it's all perfectly legal. (Not ethical in my opinion but ethical and legal are often not the same thing).
    9 Feb, 04:03 PM Reply Like
  • omarbradley
    , contributor
    Comments (966) | Send Message
     
    this impacts state policy.
    Forget Barclays...Great Britain can't stand idly by while this goes on.

     

    These folks aren't calling the Bank President...they're calling their MP.
    10 Feb, 04:32 PM Reply Like
  • deercreekvols
    , contributor
    Comments (5126) | Send Message
     
    Is this the start of banks reporting breaches, much like Target was the start of the retailers?

     

    Many reasons I choose to use a local regional bank and a credit union to keep my money in.
    9 Feb, 10:38 AM Reply Like
  • Topcat
    , contributor
    Comments (412) | Send Message
     
    They spend even less on security. The best thing is to spread your money around a bit. Much like we had to do in 2008 when the $250k FDIC (up from $100k) was the only thing protecting your cash as almost any institution was set to fail.
    9 Feb, 05:18 PM Reply Like
  • LYogi
    , contributor
    Comments (1978) | Send Message
     
    Was Barclays using BES10? They will be soon if they weren't.
    9 Feb, 12:14 PM Reply Like
  • joeg1969
    , contributor
    Comments (334) | Send Message
     
    $This is why $ETAK will prosper!
    9 Feb, 12:14 PM Reply Like
  • wyostocks
    , contributor
    Comments (7599) | Send Message
     
    Why would anyone give to Barkley's info like passport data, hobbies, health issues, etc. none of which is needed to give financial advice.
    Seems like the "clients" aren't too bright.
    9 Feb, 12:28 PM Reply Like
  • King Rat
    , contributor
    Comments (557) | Send Message
     
    They also sell various insurance-type investment vehicles that may have given them privy. If you've seen the awful movie "Along Came Polly" you might remember that there are examples where a firm wants to know your hobbies in order to provide a life insurance policy.

     

    DISCLAIMER: Along Came Polly is an awful, awful movie with no redemptive value unless you like poorly executed slapstick and abuse of pet ferrets.
    9 Feb, 12:38 PM Reply Like
  • JohnBinTN
    , contributor
    Comments (3572) | Send Message
     
    But, but... It had Jennifer Aniston in it! ;)
    9 Feb, 01:04 PM Reply Like
  • Derek A. Barrett
    , contributor
    Comments (3534) | Send Message
     
    I'm guessing the clients didn't realize that their information was being tracked. From what it sounds like this must have been a marketing, client-services database. I bet it was notes being taken by the client rep that was assigned to each client, as simple as them just sitting down and chit-chatting with their rep, who then entered it into the DB, so they could refer to it later as a way to establish rapport and better service the client (or sell them things based on their interests).
    9 Feb, 04:06 PM Reply Like
  • wyostocks
    , contributor
    Comments (7599) | Send Message
     
    Uh Oh.......

     

    It seems there is more to this story than first thought.

     

    http://bit.ly/1jo2rIg
    9 Feb, 01:06 PM Reply Like
  • joeg1969
    , contributor
    Comments (334) | Send Message
     
    Who would of thought Barclay's busted for stealing?Hello?
    9 Feb, 01:44 PM Reply Like
  • Derek A. Barrett
    , contributor
    Comments (3534) | Send Message
     
    Yep, just as suspected.
    `
    Another reason to do investments yourself.
    9 Feb, 04:09 PM Reply Like
  • jstratt
    , contributor
    Comments (2178) | Send Message
     
    I dont think any entity is above a data breach.

     

    Perhaps the best example is Snowden. My guess is he was flipped by foreign espionage and spun out as a humanitarian. In the process some of the best protected secrets in the world were disclosed.

     

    I do suspect business prospects for PANW are excellent. The combination of premier network security skills with our current environment makes a $4 billion market cap company appear promising.
    9 Feb, 02:36 PM Reply Like
  • jstratt
    , contributor
    Comments (2178) | Send Message
     
    Key detail to add

     

    The data was apparently stolen in 2012!
    9 Feb, 03:20 PM Reply Like
  • papayamon
    , contributor
    Comments (1058) | Send Message
     
    i've downgraded barclays to strong sell because of gross stupidity on the part of management :).
    9 Feb, 04:09 PM Reply Like
  • divinecomedy
    , contributor
    Comments (466) | Send Message
     
    Exactly. My university professor used to say that he'll punish us severely for cheating not because of the act itself rather that we are too stupid to get caught.
    9 Feb, 04:30 PM Reply Like
  • omarbradley
    , contributor
    Comments (966) | Send Message
     
    "stealing from the high net worth individuals while working form inside the bank."

     

    a problem of just getting caught?
    how is "you as thief" as an identity being protected here?
    9 Feb, 05:25 PM Reply Like
  • Debutant
    , contributor
    Comments (1883) | Send Message
     
    Bank clerks who stole client data bases from their own banks and sold them to tax authorities of the clients' countries of residence got away with it with full pockets. That was open invitation for similar acts to follow, be it by insiders or hackers.
    10 Feb, 06:36 AM Reply Like
  • SanDiegoNonSurfer
    , contributor
    Comments (2564) | Send Message
     
    This is an incredibly poorly written article -- almost illiterate. Hard to tell because it's so hard to read but I got the impression a group within the bank itself might have initiated this.
    10 Feb, 08:04 AM Reply Like
DJIA (DIA) S&P 500 (SPY)
ETF Tools
Find the right ETFs for your portfolio:
Seeking Alpha's new ETF Hub
ETF Investment Guide:
Table of Contents | One Page Summary
Read about different ETF Asset Classes:
ETF Selector

Next headline on your portfolio:

|