Banking giant HSBC has admitted losing a data disc containing details of 370,000 customers.
The disc contains the names, dates of birth and life insurance cover levels of predominately HSBC mortgage customers.
However, the bank maintains the risk of identity fraud is limited, as the disc was password-protected.
An HSBC spokesperson said: "The data disk lost by HSBC contains no address or bank account details for any customer and would therefore be of very limited, if any, use to criminals.
"The data, which was password-protected, includes names, life insurance cover levels, dates of birth and whether or not a customer smokes.
"There is nothing else that could in any way compromise a customer and there is no reason to suppose that the disk has fallen into the wrong hands."
The data were lost after being sent from the bank's offices in Southampton to a reinsurance company by an external courier.
Customers affected by the data loss will be contacted shortly and HSBC is carrying out an investigation.
HSBC has now informed the Financial Services Authority (FSA) which could impose a substantial fine on the bank.
Previous financial firms to face data protection penalties include Norwich Union and Nationwide fined £1.26 million and £980,000 respectively last year.