Lynne Chick bought the four-camera system from online retailer Very, but got a surprise when she turned it on
A woman who bought a "new" security system online was shocked to find it contained someone else’s CCTV pictures and videos. Lynne Chick, 45, from Hawarden, bought a Swann four-camera security system from online retailer Very.
She arranged for the £250 system to be installed at a cost of £300 but, when it was switched on, the installation engineer said it could be accessed externally because someone else’s email account had been used to access the unit’s hard drive, which stores pictures and video.
Ms Chick called Very, who advised her to send the whole package back but, as it had been installed, she would have had to pay for re-installation again.
Her partner called the manufacturers of the system, and they said she should "format" (wipe the information off) the hard drive.
Ms Chick said: “Swann gave us the password to get on to the system. There were photographs on there from January this year with car registration plates clearly visible and a family walking around in their garden.
“There were also photographs from October 2017. It could be a massive breach of data protection.”
Ms Chick said that Swann had promised to investigate and were replacing the used unit, but she wanted people to be aware of the dangers of leaving data on hard drives that store personal information.
She added: “I’m concerned they are sending out equipment that has been used and has someone else’s details on it.
“Luckily I am an honest person but it could have been seen by a criminal - not to mention charging full whack for something that is used.”
A spokeswoman for the company confirmed they launched an immediate investigation and sent a brand new replacement for the Digital Video Recording (DVR) unit to Ms Chick.
She said: “From initial investigations, it appears that the unit was distributed as a new product to the retailer, however the product had been misclassified and was a previously used product that should have been sent to our refurbishment department whose process includes the deletion of any data that may have been left by the customer.
“The product classification error occurred as our distribution centre passed this unit back into A Grade stock believing that it was an unopened return.
“We have discussed the cause of this issue with our distribution partner and have put in place additional measures that will result in every returned item being factory reset to ensure all stored data is deleted.
“We are fully aware of our obligations under GDPR and take this very seriously, and accordingly we have reported the issue to the Information Commissioner’s Office.”