Security Affairs
Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

HSBC Bank USA notified customers of a security breach

HSBC Bank USA notified customers of a data breach that has happened between Oct 4 and Oct 14, unknown attackers were able to access their online accounts. HSBC Bank USA notified customers of a data breach that has happened between October 4 and October 14, unknown attackers were able to access online accounts of the financial institution. Exposed info […]

HSBC Bank USA notified customers of a security breach

HSBC Bank USA notified customers of a data breach that has happened between Oct 4 and Oct 14, unknown attackers were able to access their online accounts.

HSBC Bank USA notified customers of a data breach that has happened between October 4 and October 14, unknown attackers were able to access online accounts of the financial institution.

Exposed info includes customer full name, mailing address, phone number, email address, date of birth, account numbers, account types, account balances, transaction history, payee account information, and statement history where available.

HSBC Bank sent a letter to its customers to notify the incident.

“HSBC became aware of online accounts being accessed by unauthorized users between October 4, 2018 and October 14, 2018. When HSBC discovered your online account was impacted, we suspended online access to prevent further unauthorized entry of your account.” reads the letter sent by the bank to the customers.

“You may have received a call or email from us so we could help you change your online banking credentials and access your account. If you need help accessing your account, please call <>.” 

In response to the security breach, the United States subsidiary of HSBC blocked access to online accounts to prevent abuses.

After the data breach, HSBC Bank enhanced the authentication process for HSBC Personal Internet Banking, adding an extra layer of security.

The back is also providing impacted customers with a complimentary year subscription to a credit monitoring and identity theft protection service provided by Identity Guard.

Impacted customers should do:

  • Monitor their account transactions for any unauthorized activity and contact the bank immediately if any is noticed.
  • Obtain Credit Reports.
  • Place a fraud alert on their credit file, which tells creditors to contact them before they open any new accounts or change their existing accounts.
  • File Reports if they believe their information is being misused.

This isn’t the first incident suffered by HSBC, in March 2017, a spam campaign impersonating UK-based bank attempted to distribute malware masquerading as legitimate security software

In January 2016 the British branch of the HSBC bank suffered twice in a month a cyber attack that brought its services offline.

In November 2014, the Hong Kong and Shanghai Banking Corporation announced that its computer networks in Turkey were breached by unknowns. The data breach exposed the personal data of about 2.7 million customers, including names of clients, card expiry dates, their card numbers, and linked account numbers.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – HSBC bank, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]