Last month, Bupa was fined £175,000 by the Information Commissioner’s Office (ICO). The latest data breach fine handed out by the regulator came after a rogue Bupa employee inappropriately copied and removed customer information to sell on the dark web.
A subsequent investigation by the ICO found that the health insurance provider failed to have adequate security measures in place to protect its customers’ personal information.
547,000 Bupa Global customers were affected, and 43,000 of those customers had a correspondence address in the UK.
Between 6 January and 11 March 2017, a Bupa employee stole the personal information of 547,000 Bupa customers and offered it for sale on the dark web. The member of staff extracted information from Bupa’s customer relationship management system and sent to this to his personal email account.
The compromised information included names, dates of birth, email addresses and nationality.
If you are a BUPA custmer and have been involved then you should now consider making a claim.
You can register your details here. Once you complete the secure form a member of our team will be in touch with you.