The computer, containing the names, addresses, date of births, national insurance numbers and investment details of 14,000 customers was snatched from a gym being used by a contractor's employee.

Now the Information Commissioner's Office (ICO) has found Skipton Financial Services broke the law by failing to ensure personal information about customers was secure.

In a ruling published today the ICO criticises the firm for not having encryption measures in place to safeguard data.

The laptop was stolen from a gym in December last year from an employee of Moore Stephens Consulting.

It followed a series of a high-profile scandals involving personal data which had been lost by both HM Revenue and Customs and the DVLA.

Skipton Financial Services, a subsidiary of Skipton Building Society, has now signed an undertaking to ensure information held on laptops is protected in future

The ICO's assistant commissioner Mick Gorrill said: "It is not always possible to prevent the theft of mobile devices such as laptops, but it is possible to minimise the damage caused by such losses.

"Companies must introduce adequate security procedures and safeguards, for example password protection and encryption, to protect personal information before it is allowed to leave the premises on a laptop."

The company's managing director Simon Holt wrote to all 14,000 customers to apologise after the laptop theft.

He said: "Skipton Financial Services takes very seriously its responsibilities under the Data Protection Act. Following the theft of a laptop in December last year, while in the possession of Moore Stephens Consulting, a third party working on our behalf, the swift actions we took to protect our client data have been recognised by the ICO."

All of the affected accounts were suspended and there was no evidence that data had been misused.