HSBC Fined £3,000,000 for Data Breaches

With security of data being so important in today’s world one would expect every organisation to be taking the uppermost care when it comes to storing data. It may therefore come as a surprise to hear that one of the world’s leading organisations has been found guilty of data loss on more than one account and it hasn’t gone unpunished.

If today’s economic climate isn’t applying enough pressure to HSBC then The Financial Services Authority most definitely is. The FSA has fined HSBC £3m for failing to properly look after its customers’ information and private business data. HSBC’s failure to follow procedure has led to at least two losses of customer data emphasising the fact that no organisation is too big to avoid scrutiny. 
 
In this specific instance the FSA investigated the bank and found unencrypted customer details on open shelves and unlocked cabinets breaching storage requirements. Customer details were also sent via the post or couriers to third parties, and staff were not trained in dealing with the risks associated with identity theft.

With technical advancements made in recent years there are multiple organisations that specialise in the storage of data in an encrypted format. Therefore with these many solutions available on the market today surely there is no excuse for any sized organisation not to be highly efficient in data storage and recovery, especially if financial penalties are in place. 

The investigations into HSBC’s data losses and poor practices have been identified over a period of years.
In April 2007 HSBC Actuaries lost details on 1,917 pension scheme members. In July HSBC Actuaries, along with two other subsidiaries, were warned by HSBC Group Insurance’s compliance department to sort out data security. But in February 2008 HSBC Life sent an unencrypted CD through the post containing details of 180,000 customers. The CD was lost.

HSBC Life UK Limited (HSBC Life) was fined £1,610,000, HSBC Actuaries and Consultants Limited (HSBC Actuaries) was fined £875,000 and HSBC Insurance Brokers Limited (HSBC Insurance Brokers) was fined £700,000.

Margaret Cole, director of enforcement at the FSA, said: “These breaches are very disappointing. All three firms failed their customers by being careless with personal details which could have ended up in the hands of criminals. It is also worrying that increasing awareness around the importance of keeping personal information safe and the dangers of fraud did not prompt the firms to do more to protect their customers’ details.”

This makes us wonder what other organisations are using for data storage, are they using improper practices with customer and business data? How many other organisations are passing under the radar by implementing inadequate data storage procedures?

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal