The computer, bought by IT manager Andrew Chapman for £77, had the sensitive details on its hard drive.
Details of customers of three companies, including the Royal Bank of Scotland (RBS) and its subsidiary, Natwest, were involved, as well as American Express.
RBS said historical information relating to credit card applications for its bank and others had been on the machine.
The information is said to include account details and in some cases customers' signatures, mobile phone numbers and mothers' maiden names.
"The information was in back-up CDs and in ISO files so it would have been possibly quite easy to find if you know something about computers," Mr Chapman said.
"Clearly such details should never have been included in the hard drive of the computer offered for sale on eBay," said the spokesman.
Banks have an obligation under the Data Protection Act to keep all personal information secure.
