A “rogue” Bupa Insurance Services Ltd. employee was able to get hold of more than half a million customers’ personal data and offer it for sale on the dark web, a U.K. data regulator said.
The Information Commissioner’s Office fined Bupa 175,000 pounds ($228,235) over the incident, in which the names, email addresses, dates of birth and nationality of 547,000 customers were taken and offered for sale.
It was only discovered months later, when a party described by the ICO as an “external partner” to Bupa spotted the customer data on sale. The employee who took the data has been ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.