ICO has fined the Bank of Scotland (BoS) £75,000 for repeatedly faxing protected information to the wrong addressees. Over a three-year period, the bank faxed information such as payslips, dates of birth and addresses to incorrect fax numbers, which meant they were sent outside the group rather than, as intended, to another office within the group. One organisation received 21 faxes and one member of the public 10. The organisation, whose fax number was one digit different to the intended recipient's, told BoS of the error but continued to receive faxes. It then told ICO, but the misdirected faxes continued during the investigation. ICO said the failings were particularly serious as they continued for so long, BoS did not itself report them and they compromised individuals' data in a way that would have made identity fraud easy. (Source: ICO Fines BoS Over Data Breaches)