HSBC error leads to potential exposure of customer PII
In a cautionary move HSBC is informing some customers of a potential breach.
HSBC bank is informing some of its customers that their personal information, including Social Security and various bank account numbers, may have been exposed to a third party.
According to a filing with the California Attorney General's office, several encrypted and password protected disks were mistakenly sent on December 7 or 8 to an unauthorized third-party vendor that performs financial analytics for HSBC. Here the disks were opened, but when the third party realized the disks contained more information than was requested they were returned to HSBC.
“While the third party has attested that HSBC customer data was not loaded, accessed, or viewed by their personnel, HSBC is notifying you out of an abundance of caution,” HSBC said.
The disks contained names, addresses, Social Security numbers, mortgage and deposit account numbers, payment history details and demographic data.
HSBC is offering a free year of credit monitory to those affected.