Aviva has said that it has written to tens of thousands of its customers apologising for a data security breach which led to many of them being encouraged by claims management companies to file personal injury claims.
The insurer insists that no medical or financial details have been stolen, although full details of the breach will not be known until the conclusion of a police investigation into the matter which began after two employees were arrested on suspicion of fraud.
Aviva has blamed the CMC industry for the breach. In a letter to one customer affected by the breach, seen by the BBC's Radio 4 Money Box programme, the insurance company wrote that: "some personal injury lawyers and claims management companies are very keen to acquire accident victims' details. Aviva has long called for stricter regulation of these firms".
However, the BBC reported that Mike Crockhart, the co-chair of the All-Party Parliamentary Group on Nuisance Calls and MP for Edinburgh West, said that Aviva appeared to be a "in denial".
"The data that major companies hold has a value. It's up to those companies to make sure they manage that data. I think they need to come at it with fresh vigour," he said.