Fined 75,000 pounds for repeatedly faxing personal data to unsuspecting people. Sensitive information included payslips, bank statements, account details and mortgage applications, along with customers’ names, addresses and contact details.

The Bank of Scotland is part of the Lloyds Banking Group. Even after complaints started rolling in, the mistake continued for three years. Finally complaints reached the desk of the data privacy watchdogs at the Information Commissioner’s Office (ICO).

"The Bank of Scotland has continually failed to address the problems raised over its insecure use of fax machines," said Stephen Eckersley, head of enforcement at the ICO, in a statement. "To send a person’s financial records to the wrong fax number once is careless. To do so continually over a three-year period, despite being aware of the problem, is unforgivable and in clear breach of the Data Protection Act.

"Let us not forget that this information would have been all a criminal would ever need to carry out identity fraud," he added.