HSBC says a computer disc containing the confidential personal details of around 370,000 UK life assurance customers has gone missing.
The disc was lost at the beginning of February and is thought to have gone missing after being sent by external courier from HSBC's Southampton offices to a reinsurance firm.
In a statement, HSBC says the password-protected disc includes names, life insurance cover levels, dates of birth and details on whether or not a customer smokes.
The bank says the disc does not contain address or bank account details and "would therefore be of very limited, if any, use to criminals".
HSBC says affected customers "will be contacted shortly".
The bank has also reported the matter to the Financial Services Authority (FSA) which could launch an official probe into the incident. This could result in a hefty penalty if the regulator finds the bank's security measures are at fault. Last year the watchdog fined Nationwide Building Society and Norwich Union for failing to protect customer data.
Insurer Norwich Union was slapped with a £1.26 million fine for failing to protect confidential customer data - including bank account information - from fraudsters, while Nationwide was hit with a £980,000 fine after a FSA investigation into the theft of a company laptop from an employee's home exposed failings in the building society's information security.
Earlier this year the UK Information Commissioner's Office (ICO), which is responsible for enforcing the Data Protection Act, called on organisations to implement stronger safeguards to help protect personal data in the wake of the security breach at HM Revenue and Customs (HMRC) last year.
The ICO called for companies and individuals to step up the fight against ID fraud following the HMRC breach, where two computers disks containing information on 25 million child benefit claimants went missing while in transit from HMRC's headquarters in Washington, Tyne and Wear to the National Audit Office (NAO) in London in October 2007.