Back in March of 2010, HSBC had a huge and embarrassing data breach where an employee resigned and stole details on the bank’s private operations in Switzerland. Around 24,000 accounts were compromised in that theft, and more than 15,000 of those accounts are still active. Although HSBC Bank claimed that the stolen data could not be used to access accounts, a data breach is a data breach and the manner in which it happened was suggestive of lax security on the spot. An investigation followed the incident and HSBC bank invested in better security in their Swiss office.
This time, HSBC bank customers had a deja vu when HSBC bank reported that another employee has pulled off the same stunt (resign, steal customer records and walk out) in California. The information contains HSBC Bank customer account numbers, account types, phone numbers and names. HSBC bank has also sent a letter to its customers, an excerpt from which reads:
If you find suspicious activity on your credit reports or have reason to believe your information is being misused, call or contact your local law enforcement and file a police report. Get a copy of the report; many creditors want the
information it contains to absolve you of the fraudulent debts. You also should file a complaint with the FTC at www.ftc.gov/idtheft or at 1-877-ID-THEFT (877-438-4338). Your complaint will be added to the FTC’s Identity Theft
Data Clearinghouse, where it will be accessible to law enforcers for their investigations.
Although the data breach took place last Saturday, HSBC Bank did not report it before this Tuesday. As remedial measures, HSBC Bank is offering one year of subscription to ITAC Sentinel, a credit card monitoring service. But will that make existing customers feel any safer?