07 Apr 2008
HSBC has lost a computer disc containing details of 370,000 customers.
The disc - lost whilst being couriered between offices four weeks ago – contained details including names, dates of birth, levels of insurance cover, and whether or not a customer smokes.
HSBC said the disc would have very limited use to criminals.
"The data disc lost by HSBC contains no address or bank account details," saida spokeswoman.
"Nonetheless, HSBC would like to apologise to its life assurance customers for any concern this may cause them."
The bank will contact every customer effected, and has informed the Financial Services Authority (FSA).
The bank still hopes to find the disc, which was password protected.
HSBC is the latest in a line of banks to lose information, with Nationwide and Norwich Union suffering fines from the FSA for losing customer details.
Incidents like the last security breach from HSBC have three major contributing factors. First, there is an institutionalised lax approach to data security, where staff do not fully understand how to handle sensitive data. Second, there is no technology in place to manage which computer users are able to copy confidential data to removable media devices like CDs or USB sticks. Third, data that is legitimately copied to such devices is not adequately protected - either in terms of the encrypting of data or the method of transit. On the rare occasion there is a real business need to transfer data of this nature to a third party, I would insist on the data being encrypted with a 256-bit cipher and that it was sent by a private courier (or preferably an employee) direct to its destination.
Posted by: Matt Fisher, Centennial Software 08 Apr 2008
Have your say on this article
Newsletters
Latest stories from Privacy
Latest videos
You may also like
Privacy jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
