Disk Encryption and Data Protection Software
   English
Home » Global banking giant fined for losing personal customer data

Three companies of the world banking giant HSBC have been fined nearly ₤3.2 m for failing to ensure proper protection of their customers’ personal data.

open safe

The Federal Services Authority (the FSA) reported repeated cases of HSBC’s sending “large amounts“ of unencrypted confidential customer data by post or courier with some information left on open shelves or in unlocked cabinets. The FSA qualified keeping and transmitting data on unencrypted media as a careless treatment of personal information of customers and absence of a due identity protection system.

As the FSA reports, the first case (April 2007) involved a lost floppy disk with unencrypted personal data of 1,917 pension scheme members including their addresses, dates of birth and national insurance numbers. The second case was a lost CD that contained personal details of 180,000 policyholders. In both instances the confidential data were found stored on unencrypted media.

The three companies immediately responded to the raised concern, expressed their strong regret of the case and promised to take all the necessary corrective and preventive actions to tackle the issue. Although HSBC stated there had been no complaints coming from the customers associated with losses due to this failure, the FSA believes this could have brought out much more adverse consequences if the information got into the wrong hands.

The FSA describes such cases as a disturbing lack of the companies’ awareness of the importance to ensure adequate safekeeping and protection of personal information. This case is illustrative of the necessity to assure information security not only at the level of human responsibility but also at that of technology.

World News

June 23, 2011 - SEC to Charge Companies Failing to Encrypt Customer Data
GunnAllen Financial has been fined by the Securities and Exchange Commission (SEC) for breaching customer data security, and it’s not the first time that GunnAllen has been accused of violating customer privacy rules. It has already faced three cases of stolen laptops and one case of unauthorized access to corporate email by a former employee.
June 6, 2011 - Dropbox Accused of Intentionally Underprotecting 25 Million Customers’ Data
The Federal Trade Commission has recently announced that private information of Dropbox’s customers is not secure any more. Let us remind that Dropbox specializes in cloud-based data storage services and has more than 25 million users.
November 15, 2009 - NHS Trust patient records repeatedly exposed over the last month
Several patient data theft cases were brought to the attention of the Information Commissioner’s Office (ICO) over the last month. Those involved eight desktop computers and four laptops containing sensitive patient details stolen from different hospitals. In most cases, the computer equipment was neither protected with any of encryption means, nor kept physically secure in locked premises, thus, carelessly exposing patients’ mental and physical health details to the risk of unauthorized access or theft.
Copyright © 2002-2011 Exlade, Inc. All rights reserved.
Russian