HSBC has been having a rough week with regards to data security stories in the media. Turns out that they lost a server at a location in Hong Kong two weeks ago.
From The Asian Banker:
The Hongkong and Shanghai Banking Corporation Limited confirms one of its computer servers went missing on 26 April 2008 at its Kwun Tong Branch, which has been undergoing renovation. The server held transaction data on approximately 159,000 accounts. The data held on the server includes account number, customer name, transaction amount and transaction type. However, the server does not contain any customer PINs, passwords or User IDs.
The server is protected by multiple layers of security. The risk of data leakage and fraudulent transactions resulting from the loss of the server is deemed to be low by the Bank. HSBC has in place fraud monitoring tools that are regularly reviewed.
Multiple layers of security? I find it interesting that at no point do they indicate if the drives were encrypted.
Explore
Security Bloggers Network
