HSBC Bank says a bug in its imaging software inadvertently exposed sensitive data about some of its customers going through bankruptcy proceedings.
In notification letters made public Thursday, the bank said it had redacted sensitive information in Chapter 13 bankruptcy proof-of-claim forms that were filed electronically, but that the information turned out to be viewable "as a result of the deficiency in the software used to save imaged documents."
An HSBC spokeswoman declined to elaborate on the cause of the problem, but said "a limited number of customers" were affected. HSBC has "no reason to believe customers' personal information may have been compromised," she added via e-mail.
The company sent letters to affected customers in October and is offering them one year of free credit monitoring.
Some customers of the following HSBC companies are affected: HSBC Taxpayer Financial Services, Beneficial New Hampshire and Household Finance Corporation.
According to documents (PDF) filed Thursday with the New Hampshire Attorney General's office, HSBC failed to completely redact information on forms that were filed between May 1, 2007, and Oct. 17, 2008. HSBC said it learned of the problem on July 9, 2009.
The data disclosed may have covered HSBC credit card, line-of-credit or mortgage information, the company said.
Legal documents are increasingly being filed online, causing some problems as company employees get used to the new formats. Information on paper copies can be redacted with a marker pen, but electronic redaction, if not done properly, can be reversed with a simple cut-and-paste.
Earlier this year, for example, the Associated Press was able to read redacted court testimony that showed Facebook's estimate of its own market value.
The AP got its scoop by cutting and pasting the blacked-out sections of a court transcript.
The problem is large enough that two months ago the U.S. District Court for the District of New Jersey sent out guidelines explaining how to properly redact information.
"Electronically filing PDF'd documents is a relatively new process for lawyers," many of whom have only recently started using desktop computers, said Christina Frangiosa, counsel with the law firm Panitch Schwarze Belisario & Nadel.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.