HSBC Bangalore suffers £233,000 security breach

A security breach at HSBC's offshore data-processing unit in Bangalore has led to £233,000 being stolen from the accounts of a small number of UK customers.

A 24-year-old worker at the HSBC operation has been suspended after being accused of accessing confidential account information and passing it on to criminal associates in the UK.

Fears of the security of offshore business process outsourcing (BPO) operations will be heightened by reports in India claiming the HSBC employee also used false records to obtain the job at the bank. The HSBC worker was caught when the fraud was detected by the bank's security systems.

A spokesman for HSBC told ZDNet UK’s sister site, silicon.com: "Our internal security team discovered one of HSBC's staff in Bangalore caused customer data to be leaked leading to a small number of accounts from the UK being compromised."

He declined to comment any further on the details of the breach but said all affected customers — reported to be around 20 in number — have been contacted and will be fully reimbursed for any losses.

The HSBC spokesman added: "We are taking data protection seriously. These systems are sophisticated and in place to help track these things down."

Sunil Mehta, vice president of India's IT industry body Nasscom, insisted such security breaches are not unique to offshore operations and can happen in any country.

He said: "India, with its strong legal system and its independent judiciary, is a country that takes this responsibility extremely seriously. Nasscom will work with the legal authorities in the UK and India to ensure that those responsible for any criminal breaches are promptly prosecuted and face the maximum penalty."

Just last month Nasscom created a new regulatory body to help improve data security among India's offshore IT services and BPO companies.