A dozen of the UK's leading banks have been accused of putting the security of potentially millions of customer's in jeopardy by dumping sensitive information in rubbish bins outside their premises.

In a first, the Information Commissioner (ICO) publicly condemned the 12 financial organisations that breached the Data Protection Act, following complaints about the disposal of the personal details.

Commissioner, Richard Thomas, has ordered the banks to sign an undertaking to comply with the principles of the data legislation. Failure to meet the conditions of the Act is likely to lead to enforcement action and prosecution, according to the ICO.

“It is unacceptable for banks and other organisations to carelessly discard their customers’ information. It is vital that banks and other organisations take security seriously,” said David Smith, deputy commissioner in a statement.

“If they do not, they not only risk further action from the Information Commissioner but also risk losing the trust of their customers. Individuals must feel confident that banks and other organisations are safeguarding their personal information,” he added.

The 12 financial organisations named in the probe are Alliance & Leicester, Barclays, Clydesdale Bank, The Co-operative Bank, HBOS, HFC Bank, Nationwide Building Society, NatWest, the Post Office, Royal Bank of Scotland, Scarborough Building Society and the United National Bank.

The ICO began an investigation after receiving evidence from a variety of sources, including a recent BBC Watchdog programme and reports from the campaigning website Scamsdirect.com.