The HSBC banking group have reportedly lost a computer disc containing the details of 370,000 customers. The disc was lost four weeks ago after being sent by courier from the bank's life insurance offices in Southampton.
HSBC, who have admitted losing the disc, which contained customers' names, dates of birth, and level of insurance cover, are assuring customers that no bank account details have been lost, and that their exposure to potential fraud is therefore limited.
Guide on how to protect youself from ID fraud
"We are looking into it and basically it has got lost from A to B," said an HSBC spokesman.
"The re-insurer we sent it to is doing a thorough search for the disc. We will do anything we can to find it."
"There are no financial details there in terms of banking details. There are no address details or anything like that," he added.
This is not the first time that this has happened in recent months. In the past year, both the Nationwide building society and the Norwich Union insurance company have been penalised with heavy fines and suffered public reprimands for similar displays of negligence that compromised the privacy of their customers' details.
The FSA (Financial Services Authority) has been informed of the data loss and, consequently, HSBC are likely to be subjects of an investigation.
Data loss has been no stranger to the headlines lately, the most notable example, in terms of media attention and public concern, came last year when the HM Revenue and Customs (HMRC) infamously lost a set of computer discs while they where in transit between London and Newcastle.
This particular case was the cause of so much public uproar due to the sensitive, and potentially valuable, nature of the details on the discs, which incidentally have still not been recovered.
The discs contained the entire child benefit data base, covering 25 million claimants, including full bank and building society details.
The level of data protection has understandably been under increasing scrutiny in this country. Last month, a committee of MPs, the Joint Committee on Human Rights, said the government had "persistently failed" to take it sufficiently seriously.
Further criticism, regarding data protection standards, was aimed at the organisations that process personal information, after this latest data loss, by the Information Commissioners Office (ICO).
"They must ensure it is held securely. This is an important principle of the Data Protection Act," it said.
"In recent months there have been a number of incidents of data losses in the public sector. This case demonstrates that data protection must also be a priority for the private sector.
"Once the ICO has heard from HSBC about the outcome of their investigation we will decide what, if any, further action is needed on our part," it added.
Concern amongst HSBC's customers has been heightened by an admission by the banking group that although the data on the disc was protected by a password it had not been encrypted.
A spokesman for the bank stated that normally the insurance data would be sent electronically, but in this instance the link was not working, so the data was sent to the reinsurance firm in Folkestone by the bank's normal postal service operated by the Royal Mail.
"We hold our hands up and say it wasn't good enough," said the spokesman, amidst his attempts to explain the happenings that lead to the data loss.
"The documents should have been encrypted," he added.
The bank, along with the re-insurance firm, will now begin investigating the loss, as well as writing to all of the customers who could potentially be affected.
Are you a concerned customer of HSBC, or are you just generally concerned with the data protection standards in this country? Let us know your thoughts!
If you are concerned with ID fraud, we suggest using checking your credit report for free with a 30-day trial of CreditExpert.
Related Stories
Embarrassing ID frauds hit the rich and famous
Oops Customs did it again!
£20,000 if you find the discs
Data loss fraud; who should pay up?
Clarkson does U-turn on ID fraud