HSBC Life lost an unencrypted CD with the details of 180,000 policy holders,
while HSBC Actuaries lost a disc with data on almost 2,000 pension scheme
members, the Financial Services Authority (FSA) said.
HSBC Insurance was also fined by the FSA.
The regulator’s enforcement director Margaret Cole said: “All three firms
failed their customers by being careless with personal details which could
have ended up in the hands of criminals.”
Confidential information on customers was also left on open shelves and
unlocked cabinets and could have been lost or stolen, while staff were not
given enough training on the threat of identity theft, the FSA added.
The security breaches came despite a warning from HSBC Insurance’s compliance
team over the need for robust data controls in July 2007.
The details of the pension scheme members were lost in April 2007, while the
second mishap involving 180,000 policy holders happened in February 2008.
Ms Cole added: “It is also worrying that increasing awareness around the
importance of keeping personal information safe and the dangers of fraud did
not prompt the firms to do more to protect their customers’ details.
“Fraud, particularly identity theft, is a major concern to everyone and
firms must ensure that their data security systems and controls are
constantly reviewed and updated to tackle this growing threat.”
HSBC co-operated with the FSA investigation and received a 30 per cent
discount from the potential maximum fine of £4.55 million.
View full article here
Author: Ezine Article BoardThis author has published 5773 articles so far.