An unnamed third party has been blamed for an error that led to a breach of 83,000 customer records from The Co-operative Group.
The data was related to planning products offered by the Life Planning division of the Co-Operative and an error at a third party support services provider for its life planning and wills and funeral planning division has been blamed for the breach.
According to Money Marketing magazine, a file containing customer information appeared embedded within an internet search. The data has been classed as ‘non-sensitive’ under the Data Protection Act and Co-operative Life Planning has chosen not to name the third party involved.
A spokesman for Co-operative Life Planning, said: “As a result of an error at a company which provides technical support services to Co-operative Life Planning, the security of some data was lowered. A full investigation into how the issue occurred is under way.
“The Information Commissioner’s Office has been notified. We take our responsibilities to our customers extremely seriously and we have written to all the approximately 83,000 customers affected.”
Ross Brewer, vice president and managing director for international markets at LogRhythm, said: “After a similar situation affected Play.com last week, the Co-operative Group security breach is further proof of the way that third parties can expose organisations to online threats. If these service providers are going to have access to data, then it is essential they are subject to at least the same level of security as the company procuring their services.