The major bank has admitted that a computer disk containing the life insurance details of nearly 400,000 customers has been lost. The disk went missing at some stage during courier transportation between a HSBC office and the office of reinsurers Swiss Re. Usually life insurance information is transmitted between companies using a secure data connection, but on this occasion a technical fault prevented this, so a Royal Mail courier was used instead.
"HSBC would like to apologise to its life assurance customers for any concern this may cause them. Each customer will be contacted shortly and a thorough investigation into this matter is under way," the bank has said.
If HSBC is found guilty of not taking reasonable security precautions the bank could face a hefty fine from the Financial Services Authority. The company has already been fined once by the FSA this year to the tune of £1.1 million for 'poor procedures' when selling payment protection insurance. Last year Norwich Union Life was fined £1.26 million by the Financial Services Authority for procedural failings which meant fraudsters were able to get sensitive information from operators in the banks call centres.
The situation has been compared to a similar incident last year which involved HM Revenue and Customs losing computer disks containing the personal and banking information of 25 million people. In this case however, HSBC has been quick to point out that the missing disc did not contain addresses or bank account details. The disk did contain names, dates of birth and the details of each customer's life insurance policy.
The data on the disc was password protected but it wasn't encrypted. HSBC's explanation of why this was the case, was that usually the information was sent by secure data link so there was no need. "We hold up our hands and say it wasn't good enough," a spokesman told the BBC in an interview, adding "the documents should have been encrypted."
This latest loss of data is just one in a long line of failings by large companies and governmental organisations to keep our details secure. A laptop computer was stolen from a Shropshire medical centre which contained the details of more than 200 children. Four CDs containing personal details from court cases was lost by The Courts Service. Information about nearly 600,000 people went missing when a Royal Navy officer's laptop was stolen from his car in Birmingham and details of 14,000 customer records were lost by Skipton Building society.
It is more important than ever that we keep personal details safe because a new culture of information criminals have taken to selling personal details online. A report by Symantec has recently revealed the new threat to online security. A slew of 'credit card supermarkets' have emerged. Criminals collect credit card numbers and ID information such as names, addresses and dates of birth and sell the details online for as little £5. Government agencies and banks need to be more careful if they don't want our details to fall into the wrong hands.
| Sarah Othman is an author of several articles pertaining to Life Insurance. She is known for her expertise on the subject and on other Business and Finance related articles. |
No comments:
Post a Comment