Bupa loses personal details in security breach

Bupa has admitted a massive data breach after customer details were deleted in a violation of data rules, according to the company.

The data security occurred after an employee copied and deleted the details of 108,000 customers with health plans around the world, including information on names, dates of birth and contact details.

Thankfully, the company has confirmed that all customers affected have now been informed, and that no medical or financial data was lost during the breach.

However, customers have been warned to be suspicious in case any cyber criminals attempt to use their details to gain financially from the breach.

Commenting on the incident, a letter from the company stated that the firm would like to "personally apologise" for the damage caused. They said: "Protecting the information we hold about you is our absolute priority and I am sorry that this has happened. We are taking this seriously and taking steps to address the situation."

Despite concerns from customers, Bupa has confirmed that the firm did not suffer from a cyber attack, and instead was the victim of a rogue employee who had deliberately leaked the information.

The employee in question has been fired, according to Bupa, and an investigation has now been launched into who the incident occurred and what new data security measures should be introduced.

"A thorough investigation is under way and we have informed the Financial Conduct Authority and Bupa's other UK regulators," said Sheldon Kenton, managing director of Bupa. "The employee responsible has been dismissed and we are taking appropriate legal action."

Contact us

ISO 27001
ISO 9001 logo
ISO 20000 logo
Cyber Essentials logo
Internet Service Providers Association logo
Internet Telephony Service Providers Association logo
LINX logo
RIPE logo
AWS Partner Network logo
Microsoft Partner logo
Crown Commercial Service supplier logo