HSBC is informing some customers in the US that their mortgage account information was inadvertently made accessible via the internet.
The bank discovered at the end of March 2015 that 685 mortgage customers in New Hampshire in the US were affected. The bank said it believes the information was made accessible online towards the end of 2014.

HSBC UK told Computer Weekly: “This matter only affects some mortgage customers of HSBC Finance Corporation in the US.”
The information potentially exposed included names, social security numbers, account numbers, old account information and possible phone numbers.
“HSBC takes this very seriously and deeply regrets that this incident occurred. We are conducting a thorough review of the potentially affected records and have implemented additional security measures designed to prevent a reoccurrence of such an incident,” said the bank in a statement.
The information is no longer accessible publicly, it added.

HSBC started informing customers on 9 April 2015 and is offering them a free subscription to a service called Identity Guard, which will help the customers identify if their details are being used by fraudsters.
“It not only provides essential monitoring and protection of credit data, but it also monitors internet chat rooms and newsgroups, and alerts customers if their social security number, credit cards and bank account numbers are found in unsecure online locations,” said HSBC.
There were no details on how the bank uncovered the problem or whether any customer data had been used fraudulently.
In 2009, three HSBC companies were fined a total of £3m by the Financial Services Authority (FSA) for failing to protect customer information, which led to two incidents of data going missing.
HSBC Life UK was fined £1.61m; HSBC Actuaries and Consultants was fined £875,000; and HSBC Insurance Brokers was fined £700,000. All of these companies are part of HSBC’s insurance business.
The FSA revealed that “large amounts” of unencrypted customer details had been sent via post or courier to third parties.

Email Alerts
Register now to receive IT-related news, guides and more, delivered to your inbox.

By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Read More

Related content from


Leave a Reply