International bank HSBC hit by Bangalore breach

A security breach at international bank HSBC's offshore data-processing unit in Bangalore has led to funds being stolen from the accounts of a small number of U.K. customers.

A 24-year-old worker at the HSBC operation has been suspended after being accused of accessing confidential account information and passing it on to criminal associates in the United Kingdom.

The HSBC worker was caught when the fraud was detected by the bank's security systems. The breach could increase fears surrounding the security of offshore business process outsourcing.

"Our internal security team discovered (that) one of HSBC's staff in Bangalore caused customer data to be leaked, leading to a small number of accounts from the U.K. being compromised," an HSBC representative told Silicon.com.

He declined to comment further on the details of the breach but said all affected customers--reported to be about 20 for a total theft of ?233,000 pounds ($424,832)--have been contacted and will be fully reimbursed for any losses.

"We are taking data protection seriously. These systems are sophisticated and in place to help track these things down," the HSBC representative added.

Sunil Mehta, vice president of Indian IT industry body National Association of Software and Service Companies (Nasscom), insisted that such security breaches are not unique to offshore operations and can happen in any country.

"India, with its strong legal system and its independent judiciary, is a country that takes this responsibility extremely seriously," he said. "Nasscom will work with the legal authorities in the U.K. and India to ensure that those responsible for any criminal breaches are promptly prosecuted and face the maximum penalty."

Last month, Nasscom created a new regulatory body to help improve data security among India's offshore IT services and business process outsourcing companies.

Andy McCue of Silicon.com reported from London.