In what could be considered as a lesson for financial firms which have been repeatedly falling short on effective measures to protect their customers’ details from being stolen, Europe’s biggest bank, HSBC Holdings, has been slapped with a financial penalty worth £3 million for failing to safeguard its customers’ data from being picked.
The Financial Service Authority (FSA) posed hefty fines on three insurance firms that are part of HSBC after it discovered that huge volumes of customer information had either been sent using couriers or posts to third parties, or simply left lying in open shelves and unlocked cabinets.
In spite of alerts from HSBC’s compliance department about the requirement of more robust security controls, two divisions of the bank lost computer discs containing details of its customers.
The data loss incidences date back to April 2007, when one of the bank’s division, HSBC Actuaries, lost an unencrypted floppy disc containing details of 1,917 pension scheme members.
Following this, another division of the bank, HSBC Life, misplaced an unencrypted CD containing information of around 180,000 policyholders in the post back in February last year.
The director of enforcement at the FSA, Margaret Cole, commented upon the case by saying, “In areas where we have previously warned firms of the need to improve, people can expect to see fines increase to deter others and change behaviour in the industry”.
You can follow ITProPortal.com on http://www.twitter.com/itproportal (opens in new tab) and join more than 1750 other followers.
It is incredible that a company the size of HSBC managed to lose its customers' details. Public bodies often go through rather more complex procedures to determine where the responsibilities lie. Since HSBC is a private company - and therefore not entirely accountable to the public - it is not clear whether the matter will actually be solved or swept under the mat.
UPDATE 2-HSBC fined record 3.2 mln stg for UK data lapses (opens in new tab)
Oops . . . HSBC fined £3m for data breaches (opens in new tab)
HSBC hit with big fine after losing thousands of customers' details (opens in new tab)
HSBC to pay £3m fine after customer data loss (opens in new tab)
HSBC fined by the FSA for losing 180,000 customers' bank details (opens in new tab)
HSBC fined £3m for 'careless' handling of customer details (opens in new tab)