Connect with us

Data Breaches

HSBC Data Breach Affects 1% of US Customers

Data Breaches Hacker News

Dark Web Marketplace Bidencash Leaks 2 Million Stolen Credit Cards for Free

Data Breaches

77 Million Nitro PDF Records Compromised

Data Breaches

Solarwinds Hackers Achieve End Goal of Acquiring High-Profile Government Targets

Data Breaches

British Airliner EasyJet Victim of Cyber Attack - 9 Million Records Exposed

Data Breaches

Massive Data Breach of Panama Citizens

Data Breaches

Outlook Breach More Expansive than Previously Thought

Data Breaches

Second Toyota Security Breach puts 3.1 Million Consumers at Risk

Data Breaches Hacker News

Korean Crypto Exchange BitHumb Loses $19 Million to Hackers

Data Breaches Hacker News

Major Aluminum Manufacturer Hit With Cyber Attack Stopping Worldwide Production

Data Breaches

HSBC Data Breach Affects 1% of US Customers

Published

5 years ago

on

HSBC Data Breach Affects 1% of US Customers

HSBC has reported attackers managed to access personal information of a limited number of their customers from 4 October to 14 October this year. Accounts numbers, balances, addresses, transaction history and more was breached by attackers. It’s thought that the breach affected approximately 1% of US HSBC accounts.

This information came to light because, under California law, any company who conducts business in California must agree to file security notices with the Attorney General’s office in the event of a data breach. The notice is sent to residents, and if the number of residents receiving a notice exceeds 500, then the business must also make available the notice so it can be shared publicly.

It’s thought that the login credential may have been stolen from previous data breaches, attackers then using them to conduct a credential stuffing attack on HSBC. A credential stuffing attack is a form of cyber attack where attackers use stolen credentials to gain unauthorized access to large-scale automated login requests on a web application.

In response to this attack, HSBC has said they have hardened their security for the sign-in and authentication process. This should make this type of attack less viable in the future.

We recommend that our readers practice good “security hygiene”, therefore making this kind of attack impossible. By good “security hygiene,” we mean updating your passwords regularly, having complex passwords containing a variety of characters and steering away from using your mother’s name, for example, something obvious. It’s also important to vary your passwords between sites, using a unique password for every site you sign up to. You can use a password manager to help you keep track of your passwords.

Those stung by the HSBC data breach are being offered a free year of the Identity Guard credit monitoring service. If you have been affected you should have received a notice; information on how to claim your Identity Guard compensation will be included in the notice.

Related Topics:

Experienced British technology journalist and online reporter

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *