While the UK government have been heavily criticised in the past with regards to lost data, it seems that this phenomenon is not just limited to the public sector. News that HSBC has lost a disc containing the details of 370,000 customers has not only caused acute embarrassment for the Bank but will ultimately result in a massive fine. So what happened?

It seems that HSBC, who normally use an electronic system to transfer data, were forced to use the Royal Mail in this instance. However, it appears that the disc was not sent by recorded delivery and a frantic search of the offices involved has not yet yielded the missing information. One of the more alarming elements of this serious slip in security is the fact that it seems to have taken HSBC just over 1 month to realise that the data disc had not arrived at its destination.

The FSA have already stepped into the fray and when you consider that Norwich Union were fined £1.2 millions and Nationwide £1 million for smaller security breaches, HSBC can certainly expect to be on the receiving end of a large fine. However while the fine will be substantial, in the overall picture it will be small feed to a bank which makes billions of pounds each year. More worrying will be the affect that this has on the Banks customers, many of whom have yet to be officially informed whether or not their data was included in the batch of 370,000. In some ways the UK banking consumer has a very short memory and this situation could just blow over, however recent comments in the press have woken the public to the threat of ID fraud and other similar situations and this may have an impact on client figures for HSBC.

Just as the debate about the government losing data seemed to be calming down, this will put the whole issue back on the front pages. HSBC have assured the markets that there have been no signs of fraud with regards to the account data held on the disc, but they have admitted that while the data was password protected, it was not encrypted. It does not take rocket science to crack a password and if the disc was to fall into the wrong hands we may see some worse headlines to come.

The point must be made that it is not just HSBC who have lost data about customers, but the problem with this particular incident is the amount of data on the disc, and the renewed public awareness of the possible risks. Unless the banking sector is able to stem the flow of similar news features we could slowly but surely see the public confidence in the current system fall. The regulators are doing all that they can, imposing fines and advising about the future, but ultimately it will take more stringent procedures and more care before reduced confidence can be rebuilt.

While we hope that this is the last of such incidents for some time, there is a fear that this may not be the case.