The bank has apologised but says the disc was password protected and included only names, birthdates, life insurance cover levels and whether or not the coverage holder smokes.
The data went missing four weeks ago after being sent to reinsurer via an external courier service.
HSBC says it has informed the Financial Services Authority and it is possible the bank will be investigated and could face a fine if found to be negligent in protecting the data.
Last year both Norwich Union and Nationwide were fined for inadequately securing customer data.
NU faced fines of £1.26m in December when fraudsters cashed in £3.3m in policies based on customer details obtained illegally.
Nationwide was fined £980,000 when a laptop containing sensitive data was stolen from an employee’s home.
A release from HSBC says: “The data disk lost by HSBC contains no address or bank account details for any customer and would therefore be of very limited, if any, use to criminals.
“The data, which was password-protected, includes names, life insurance cover levels, dates of birth and whether or not a customer smokes. There is nothing else that could in any way compromise a customer and there is no reason to suppose that the disk has fallen into the wrong hands.
“Nonetheless, HSBC would like to apologise to its life assurance customers for any concern this may cause them. Each customer will be contacted shortly and a thorough investigation into this matter is underway. The FSA has been informed.”