REUTERS/Susana Vera
A protester wearing a Guy Fawkes mask, symbolic of the hacktivist group
A storage device containing the data was taken from RSA Insurance, which provides emergency home insurance for Premier Account holders, on July 30. RSA confirmed the theft in a statement on its website.
The box contained names, address, account numbers, and sort codes of customers.
RSA says in a statement on its website:
We have advised our regulators and are in the process of contacting potentially impacted customers to apologise.
We are working with the police on a full investigation and although there is no evidence to suggest that this data has been misused in any way, we are offering identity protection with Cifas [a fraud protection agency] for two years to provide reassurance to these customers.
We recognise this should never have happened and apologise to all customers who have been impacted.
The data breach only affects Lloyds Premier customers who opened their account between 2006 and 2012 and then made a claim on the home insurance policy, the BBC reports.
Police from the Organised Crime Unit are investigating the incident, according to the BBC.
A Lloyds spokesperson said in an emailed statement to Business Insider:
RSA was the Home Emergency insurance cover provider for a small number of Lloyds Premier Account holders and the data was held as per standard data retention requirements and processes. We are continuing to work closely with RSA on their investigation and impacted customers have been contacted. Any of these customers can call the dedicated freephone helpline number 0800 316 8090 to discuss concerns.