HSBC has informed New Hampshire's Attorney General of a compromise of some records of current and former mortgage customers of its HSBC Finance unit. HSBC Finance is a nonbank lender, formerly known as Household Finance, that HSBC bought in 2003. The bank is in the process of winding it down.
In the breach, some personal information about mortgage accounts was "inadvertently made accessible via the Internet," including customers" names, Social Security numbers, account numbers, old account information and possibly some phone numbers, the bank wrote in a letter to state officials.
The bank says it learned of the breach March 27, and said it took place late last year.
"HSBC takes this very seriously, and deeply regrets that this incident occurred," the bank wrote in its letter. "We are conducting a thorough review of the potentially affected records and have implemented additional security measures designed to prevent a recurrence of such an incident."
HSBC said it has ensured that the information is no longer publicly available. It began notifying affected customers on April 9 by letter. It also offered customers a free one-year subscription to Identity Guard, a credit monitoring and identity theft protection service.
A spokesman for the bank confirmed the breach, but would not say how many records and customers were affected, nor how the breach occurred or what the bank is doing to prevent future breaches. He did say the breach only affected some U.S. customers of HSBC Finance.
