HSBC faces possible investigation by the UK's financial watchdog after admitting losing a CD containing the details of 370,000 customers.
The CD contains the names, dates of birth and insurance-cover levels of people with life assurance at the bank.
The CD went missing about four weeks ago after being sent from the group's offices to a reinsurer through an external courier.
A spokesman for the bank said that such information was normally sent over an encrypted electronic channel but that the CD had been sent because the system was not working and the information was needed quickly.
A spokesman for HSBC said: "There is no information on this disc in relation to banking or payment details and there were no addresses, so the scope for any fraudulent activity is vastly reduced. There is also no indication it has been stolen, and the disc is password-protected. But we appreciate this is not what our customers expect and we apologise."
The spokesman said the bank would be contacting every customer affected by the loss and was trying to locate the CD.
The Financial Services Authority (FSA) has been informed about the loss, and the bank faces a possible investigation, with the risk of a fine if a lapse in security is found.
A spokesman for the FSA said: "We look to firms to put controls in place to look after things such as information security and data control. We have, in the past, taken action where we felt firms had not met those principles."
The FSA has previously fined insurer Norwich Union £1.26m after its lack of controls enabled fraudsters to cash in £3.3m in polices. Nationwide was also fined £980,000 after a laptop containing confidential customer details was stolen from an employee's home.