No it's illegal, + Citibank new terms
"the handing over of the data was not illigal"
No, it was illegal. SWIFT are trying to retroactively get a the data declared as covered by 'Safe harbor'. The EU Safe Harbor treaty with the US, lets companies keep data in the US as long as its protected to the same extent as in the EU. It doesn't let them hand stuff over without warrants of even auditing or control which is what they did.
It won't even be legal in the USA, since SWIFT handed over US citizens data to the NSA too which is also illegal (FISA exception excluded).
"How many othere companys are doing this"
I read that Citibank UK are changing their account terms and buried in those new terms is a clause 'you consent to have your data sent abroad where is may be subject to disclosure to foreign governments'. It looks like this problem is all the way through the EU banking system, and they're retroactively covering their ass.
If China demanded details from HSBC, would they comply and not tell anyone? I don't see the difference, if the banks are able to do this with the USA, then a legal precedent has been set that works for China, Russian, and anyone else who wants EU data.
If you don't prosecute the first infringement, prosecuting the second, third, fourth becomes damn near impossible.