Skip to main content

HSBC Ordered To Pay £3.2 Million After Losing Customers' Data

In what could be considered as a lesson for financial firms which have been repeatedly falling short on effective measures to protect their customers’ details from being stolen, Europe’s biggest bank, HSBC Holdings, has been slapped with a financial penalty worth £3 million for failing to safeguard its customers’ data from being picked.

The Financial Service Authority (FSA) posed hefty fines on three insurance firms that are part of HSBC after it discovered that huge volumes of customer information had either been sent using couriers or posts to third parties, or simply left lying in open shelves and unlocked cabinets.

In spite of alerts from HSBC’s compliance department about the requirement of more robust security controls, two divisions of the bank lost computer discs containing details of its customers.

The data loss incidences date back to April 2007, when one of the bank’s division, HSBC Actuaries, lost an unencrypted floppy disc containing details of 1,917 pension scheme members.

Following this, another division of the bank, HSBC Life, misplaced an unencrypted CD containing information of around 180,000 policyholders in the post back in February last year.

The director of enforcement at the FSA, Margaret Cole, commented upon the case by saying, “In areas where we have previously warned firms of the need to improve, people can expect to see fines increase to deter others and change behaviour in the industry”.

You can follow on (opens in new tab) and join more than 1750 other followers.

Our Comments

It is incredible that a company the size of HSBC managed to lose its customers' details. Public bodies often go through rather more complex procedures to determine where the responsibilities lie. Since HSBC is a private company - and therefore not entirely accountable to the public - it is not clear whether the matter will actually be solved or swept under the mat.

Related Links

UPDATE 2-HSBC fined record 3.2 mln stg for UK data lapses (opens in new tab)


Oops . . . HSBC fined £3m for data breaches (opens in new tab)

(Times Online)

HSBC hit with big fine after losing thousands of customers' details (opens in new tab)

(The Independent)

HSBC to pay £3m fine after customer data loss (opens in new tab)

(Financial Times)

HSBC fined by the FSA for losing 180,000 customers' bank details (opens in new tab)

(Daily Mail)

HSBC fined £3m for 'careless' handling of customer details (opens in new tab)


Désiré Athow
Désiré Athow

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.