An undisclosed number of current and former mortgage customers of HSBC Finance Corp. in the U.S. are being notified that their personal information was inadvertently made publicly accessible on the internet.
How many victims? Altogether undisclosed. 685 customers in New Hampshire were impacted, and an undisclosed number of customers were notified in California.
What type of personal information? Names, Social Security numbers, account numbers, some old account information, and phone numbers in some cases.
What happened? The personal information of current and former mortgage customers of HSBC Finance Corp. in the U.S. was inadvertently made publicly accessible on the internet.
What was the response? HSBC responded immediately to ensure that the information was no longer publicly accessible on the internet. Additional security measures were implemented to prevent a similar incident from occurring in the future. All impacted customers are being notified, and offered a free year of credit monitoring and identity theft protection services.
Details: HSBC believes that the information was made publicly accessible on the internet towards the end of last year. HSBC learned of the incident on March 27 and began notifying affected customers on April 9. The incident did not involve an HSBC website.
Quote: “No evidence of fraud or ill-intent at this time,” an HSBC spokesperson told SCMagazine.com in a Friday email correspondence.
Source: a Friday email correspondence with an HSBC spokesperson; doj.nh.gov, “Incident Notification,” April 10, 2015.