On November 1, 2013, the company learned than an employee who was authorized to access customer account information had done so with the intention of misusing the data. The information involved in the incident includes customers' names, Social Security numbers, personal identification numbers (i.e. driver's license numbers), phone numbers, account numbers and account types.
HSBC has uncovered fraudulent activity on three of the affected accounts. "Although our investigation is ongoing, the employee has been terminated and HSBC has reported this incident to the New York Special Fraud Unit for further investigation," HSBC North America executive vice president for corporate compliance Gillian Van Schaick wrote in the notification letter [PDF].
All those affected are being to place fraud alerts on their credit files, and are being offered one free year of ITAC Sentinel credit monitoring and identify theft protection services.