A security breach at international bank HSBC's offshore data-processing
unit in Bangalore has led to funds being stolen from the accounts of a small
number of U.K. customers.
A 24-year-old worker at the HSBC operation has been suspended after being accused of
accessing confidential account information and passing it on to criminal
associates in the United Kingdom.
The HSBC worker was caught when the fraud was detected by the bank's
security systems. The breach could increase fears surrounding the security
of offshore business process outsourcing.
"Our internal security team discovered (that) one of HSBC's staff in
Bangalore caused customer data to be leaked, leading to a small number of
accounts from the U.K. being compromised," an HSBC representative told
He declined to comment further on the details of the breach but said all
affected customers--reported to be about 20 for a total theft of £233,000 pounds
(US$424,832)--have been contacted and will be fully reimbursed for any losses.
"We are taking data protection seriously. These systems are sophisticated and
in place to help track these things down," the HSBC representative added.
Sunil Mehta, vice president of Indian IT industry body National Association
of Software and Service Companies (Nasscom), insisted that such security
breaches are not unique to offshore operations and can happen in any country.
"India, with its strong legal system and its independent judiciary, is a
country that takes this responsibility extremely seriously," he said. "Nasscom
will work with the legal authorities in the U.K. and India to ensure that those
responsible for any criminal breaches are promptly prosecuted and face the
Last month, Nasscom created a new regulatory body to help improve
data security among India's offshore IT services and business process
Andy McCue of Silicon.com reported from London.