A bank staff member checks RMB banknotes at a bank in Lianyungang, East China's Jiangsu province, Jan. 7, 2016. [Photo/Xinhua]

FIFTEEN PEOPLE in Mianyang, Sichuan province in Southwest China, have been caught leaking and trading the personal banking information of 2.57 million users. Those involved, who included bank managers, raked in 2.3 million yuan ($349,000) selling the information to brokers. Beijing Youth Daily commented on Tuesday:

According to the reports, managers in a sub-branch of a rural commercial bank sold the information of people making credit system queries at 10,000 yuan per person. Likewise, two employees from a branch of CITIC Bank accessed the credit reports of customers and sold the information to brokers.

The frequent reports of personal information leaks have raised concerns about how people's personal information is used and protected. But the case revealed by Mianyang police is worrying as it involves the comprehensive selling of customers' personal details by bank employees.

Information stored on corporate networks is at risk because it is more accessible than ever. Organizations provide easy access to databases containing the personal information of huge numbers of people.

Banks have an obligation to safeguard the information they collect on individuals, and they should be held accountable for any disclosures of the confidential data of customers. In other words, in dealing with this case, it is necessary to not only hold the staff involved accountable, but also the banks involved.

Moreover, the banks should compensate those individuals whose personal information has been leaked by their employees.

Such breaches of the regulatory requirements for handling sensitive data can reduce customer confidence and damage a company's reputation. Enterprises that collect and store personal information have a responsibility to protect it and to foster a corporate culture in which employees adhere to policies and procedures that provide internal checks of staff access to such information.