The Bank of Ireland has lost the personal details of nearly 900 customers.
The sensitive data, which includes details of 894 customer accounts, phone numbers and addresses, had been copied onto a portable flash drive, which was subsequently lost by an employee. The information was not encrypted despite this being required by the bank's policies and procedures.
The theft was discovered last week. According to media reports, Bank of Ireland says it has informed most of the people affected by the data breach, and will monitor their accounts for unusual activity.
The Data Protection Commissioner was at the same time as the bank began contacting customers. The dta privacy office is investigating the incident.
Security vendor Sophos said the data lost would provide cyber criminals with enough information to commit ID theft.
"This security lapse should never have happened in the first place," said Graham Cluley, senior technology consultant at Sophos.
The Data Protection Commissioner is currently investigating the incident.
In April, the Bank of Ireland reported four laptops also containing personal information of over 31,500 customers had been stolen. The laptops have yet to be recovered