An interesting quote in the bbc article says the bank cannot find out who did this because of the Data Protection Act and they cannot stop it from happening again.

Wrong, the police can find out under a fraud investigation.

However, since this was an act of utter stupidity by Jeremy Clarkson, maybe the police has better things to do.

Time to get a new bank account Jeremy.

Hehe, if I worked at a bank I'd do it just to prove him wrong, and I wouldn't need any other details if I worked at his bank!

So if someone is able to do that, then what about cheques?

On every cheque you write is your bank account, sort code and a nice little signature.

He wanted to prove the story was a fuss about nothing.

That's like putting one of those Hacker Safe logos on your site, isn't it? ;)

Checks? Probably one of the biggest culprits in fraud. It is the easiest to replicate. I've been in the printing industry for almost 20 years. I've designed thousands of checks with all the security bells and whistles.

You know what? They don't mean a damn thing! All a forger needs is your account number and that's it. Once they have your account number, a high end laser printer with MICR Toner and 26# check stock and you're good to go.

What do you mean you have all those neat graphic security features on your check? So! The bank teller I'm handing checks to doesn't know what your checks look like. I can design a check to look almost just like yours in less than an hour using Quark. And, I'm going to keep the amounts under $400.00 so as not to raise any flags immediately. I know the process, I've seen clients get stung by it a few times.

Checks are a security nightmare, I don't use them. I do everything online and no longer have a checkbook. That's why we have debit cards. A bit more secure than a printed check.

Oh, and for those of you who keep a box checks under your desk at the office? Shame on you!

That's why we have debit cards

No way am I using a debit card in a shop, credit cards all the way. If they nick that number least they haevn't cleaned out my bank account.

Disclaimer: I used to work for a major UK bank. Firstly, it was naive in the extreme to publish the bank account details. Yes, they appear on every cheque, but the system depends on a certain amount of security by obscurity. A standing order was a good choice as no official paper is even required. Even with a cheque, there is no verification (of signature or anything else) for anything under GBP1000.

Having said that, the bank has failed seriously here and should take some of the blame. High-profile customers are usually handled by specialist account managers, and the fact that he had published his details in a national newspaper should have meant that the bank should have acted by placing a watch on his transactions. Then again, since I left the banks have cut so many posts and centralized everything to the extent that the above probably doesn't apply any more.

[edited by: encyclo at 5:47 pm (utc) on Jan. 7, 2008]

he's very lucky the person who did it was kind, that level of gross stupidity, by someone who people might actually listen to, deserves to be rectified.

A direct debit can easily be revoked. All he would have to do is to call his bank and they would return the money within 24 hours. However he cannot do that because how would it look if he took back the money from a charity organisation.

Humble pie is not Jeremy Clarkson's favourite dish - but he's eating it now, after dismissing the idea that identity fraudsters could use lost financial data covering 25 million recipients of child benefits to steal other people's identities.

Don't do a Clarkson - keep your ID safe [money.uk.msn.com]