Bank of Scotland (BoS), a subsidiary of mortgage-lending giant Hbos, is in the process of notifying more than 60,000 mortgage customers after it was discovered that a computer disk containing private customer details had been lost in the post.

According to BoS, personal details including addresses, dates of birth and mortgage account numbers for 62,000 customers were contained on the lost disk. The disk was sent via the Royal Mail to a credit reference agency more than two weeks ago, but failed to arrive.

BoS maintains there is no evidence the data was stolen for malicious purposes, and claims that the risk of customers being defrauded on the strength of the disk’s data is “very low”.

The BoS episode forms the latest in string of incidents of accidental data loss. Only two months ago Halifax – another subsidiary of Hbos – reported that it had lost mortgage details for 13,000 customers that had been stolen from an employee’s car. Similarly, high street building society Nationwide was fined nearly £1 million in February, following the theft of a laptop from an employee’s car.

Such incidents serve to underline the perpetually low standards surrounding data protection, as many corporate security models continue to focus on securing the perimeter. The proliferation of removable mass storage devices, and the onset of remote working, however, has rendered this model largely obsolete.

Protecting the actual data itself rather than its surrounding environment will in future form the only adequate method of securing corporate assets, according to the Jericho Forum, a security association that has long-warned of the deterioration of perimeter security.