The Cost Of Data Breaches In The UK: Getting A 30% Discount On Millions.

HSBC, the global banking giant, has been in the news several times over the past couple of years over data breaches of customer information.  A data encryption software solution, like AlertBoot, would have prevented most of these breaches–as pointed out by the Financial Services Authority (FSA).  However, HSBC did not move quickly enough, and is now being fined for a total of more than £3 million (nearly US $5 million).  They do get a 30% discount for settling quickly, though.

Three HSBC Firms Fined

Three firms under the HSBC umbrella were fined: HSBC Life UK (£1.61 million), HSBC Actuaries and Consultants (£875,000), and HSBC Insurance Brokers (£700,000).

These fines follow the loss of unencrypted floppy disks and CDs in the mail.  The combined breaches affected over 150,000 people.  And while HSBC maintains that no customer has complained to them about losses related to the incidents…well, how would clients know?

I mean, how would clients know that a particular attempt at fraud stemmed from the data loss by HSBC?  The UK government alone had a breach that affected 1 in 4 Britons; it could have stemmed from that incident.  Or some other data breach; Lord knows the UK has at least one every week.

Easily Prevented

The thing about these breaches is that they could have been easily prevented.  The use of CD encryption software or file encryption is all it takes.  In fact, I’ve covered how an agency in the UK is going about CD protection the right way.  If they can do it, I don’t see how a bank–with infinitely more resources, and with a greater interest in customer protection (let’s face it, there a lot of banks out there)–would not be able to.

Such protection can even be extended to laptop computers and portable hard disks, although it would be in the form of whole disk encryption, where the entire hard drive of the computer is encrypted, and, naturally, anything that’s saved to it as well.

On the other hand, depending on which package one goes with and the scale of the project, it could be very hard to implement an enterprise-wide encryption project.  That being said, there are solutions that make installing encryption easy.

Related Articles and Sites:

Comments (0)

Let us know what you think