Skip to content

Cybercrime & Hacking management > security > news

December 07, 2009

HSBC software bug exposes sensitive bankruptcy data

Bank silent on how many were affected

By Robert McMillan

HSBC Bank says a bug in its imaging software inadvertently exposed sensitive data about some of its customers going through bankruptcy proceedings.

Advert

In notification letters made public Thursday, the bank said it had redacted sensitive information in US- Chapter 13 bankruptcy proof-of-claim forms that were filed electronically, but that the information turned out to be viewable "as a result of the deficiency in the software used to save imaged documents."

An HSBC spokeswoman declined to elaborate on the cause of the problem, but said "a limited number of customers" were affected. HSBC has "no reason to believe customers' personal information may have been compromised," she added via e-mail. The company sent letters to affected customers in October and is offering them one year of free credit monitoring.

Some customers of the following HSBC companies are affected: HSBC Taxpayer Financial Services, Beneficial New Hampshire and Household Finance Corporation.

According to documents filed Thursday with the New Hampshire Attorney General's office, HSBC failed to completely redact information on forms that were filed between 1 May 2007, and 17 October 2008. HSBC said it learned of the problem on9 July 2009.

The data disclosed may have covered HSBC credit card, line-of-credit or mortgage information, the company said.

Legal documents are increasingly being filed online, causing some problems as company employees get used to the new formats. Information on paper copies can be redacted with a marker pen, but electronic redaction, if not done properly, can be reversed with a simple cut-and-paste.

Earlier this year, for example, the Associated Press was able to read redacted court testimony that showed Facebook's estimate of its own market value. The AP got its scoop by cutting and pasting the blacked-out sections of a court transcript.

The problem is large enough that two months ago the U.S. District Court for the District of New Jersey sent out guidelines explaining how to properly redact information.

"Electronically filing PDF'd documents is a relatively new process for lawyers," many of whom have only recently started using desktop computers, said Christina Frangiosa, counsel with the law firm Panitch Schwarze Belisario & Nadel.

Follow highlights from ComputerworldUK on Twitter
Sign up for our Daily Newsletter
The UK IT News widget Get it for your site!

« prev article | more security news | next article »

Advert

close

Email this article to a friend or colleague:




PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

close
  • This article is now being printed.
close

What are your views on this subject? Use the form below to post a comment on this article up to 1000 characters.


Characters remaining:

close

Click below to add 'HSBC software bug exposes sensitive bankruptcy data - Cybercrime & Hacking - ComputerworldUK' to your blog.



If you do not have a ComputerworldUK Account and would like to use this feature, please Register.

If you are a registered, logged-in user, this will post the title and first paragraph of this story to your blog to share with your readers.

What is this?

Advert

Question of the day!

Are you struggling to manage multiple servers and storage systems?

Question of the day!

Are you struggling to manage multiple servers and storage systems?

% of ComputerworldUK readers agree with you

Yes
TBC
No
TBC

What are your main challenges in managing multiple servers and storage systems?

119 characters remaining

Follow the conversation at @Virtual_Storage
Find more information at HP Storage Virtualisation Zone

The implementation of associated man hours RT @Jon1975

WHITE PAPERS

*