Home News HSBC discloses cyber-attack affecting US customers

HSBC discloses cyber-attack affecting US customers

Smishing Campaign on HSBC

The Hongkong and Shanghai Banking Corporation recently revealed that some of its U.S. customers’ bank accounts were hacked in October this year. The bank stated the incident affected one percent of its American clients after cyber miscreants allegedly accessed customers’ names, addresses, date of birth, bank account numbers, account balances, statements, transaction histories, and payee details.

HSBC said it has temporarily suspended the internet banking access to the affected customers to prevent further loss and reported the incident to the California Attorney General’s Office.

“HSBC became aware of online accounts being accessed by unauthorized users between October 4, 2018 and October 14, 2018. When HSBC discovered your online account was impacted, we suspended online access to prevent further unauthorized entry of your account. You may have received a call or email from us, so we could help you change your online banking credentials and access your account,” HSBC stated in an official statement. “We apologize for this inconvenience. HSBC takes this very seriously and the security of your information is very important to us.”

Further, the banker stated that it has improved the authentication process of its online banking and is also providing the users with a complimentary subscription to credit monitoring and identity theft protection services.

“HSBC regrets this incident, and we take our responsibility for protecting our customers very seriously,” the bank said in a news statement. “We have notified those customers whose accounts may have experienced unauthorized access and are offering them one year of credit monitoring and identity theft protection service.”

In related news, the Britain-based Tesco Bank was recently slapped with £16 million ($21.4 million) fine for the cyber-attack it suffered in 2016. Nearly £2 million was stolen from 9000 customers using counterfeit cards, with over 40,000 accounts being compromised in the attack. According to the regulatory body Financial Conduct Authority (FCA), the Tesco Bank failed to exercise due skill, care, and diligence and protect account holders of its bank from a foreseeable cyber-attack, which occurred for over 48 hours in 2016.