HSBC fined £3.2 million by FSA over data loss

By Becryptsecurity
In Main Menu
January 28, 2010
2 Min read
H

The fining of high street bank HSBC for losing customer data has been praised as a positive step.

HSBC was fined £3.2 million for a series of data security http://www.becrypt.com/emea/Products/disk-protect losses of customer data by the Financial Services Authority (FSA) after its Life division lost an unencrypted CD containing the details of 180,000 policyholders. The disk was sent by regular, unrecorded post and contained names, ages, sex, dates of birth and policy numbers without any form of data protection.

Nick Lowe, regional director for Northern Europe at Check Point, claimed that the fine was a positive step towards ensuring data protection and network security http://www.becrypt.com/emea/Products/disk-protect and that confidential data is kept protected, whether stored or in transit.

Lowe said: “The biggest data loss of 180,000 customer details, occurred just three months after the massive HMRC breach and in identical circumstances. Hopefully the FSA’s ruling and fine will encourage all companies to take more care with the data they hold.

“But it will take a long time before these safeguards are used by a majority of firms. In Spring 2009 our security survey found that over 50 per cent of public and private sector firms still do not have encryption in place to secure their data, so there is still much education to be done.”

Bernard Parsons, CEO of Becrypt, claimed that there is a need to understand the ways that such network security breaches can occur, how this could happen and also what can be done to circumvent this issue.

Parsons said: “This yet again highlights the need for organisations of all types to take stock of how they protect and handle data security, particularly on removable forms of media, such as hard drives, memory sticks and so on. It also highlights the dangers of sending unprotected data via removable media without first encrypting it, therefore protecting the information whilst it is in transit.

“It’s a classic people/processes/technology conundrum: human behaviour is unpredictable – mistakes happen or intentional malicious intent can circumvent best practice guidelines, this is where a solid information assurance policy can help protect an organisation’s integrity, reputation and the data it holds.”

Contact Details:
Becrypt
[email protected]
90 Long Acre , Covent Garden, London WC2E 9RA
United Kingdom
+61 (0) 2 9959 1961

About the author

Becryptsecurity
View all posts

Read more

By Becryptsecurity January 28, 2010