It has been reported that banking giant HSBC disclosed on Monday a security incident that impacted an undisclosed number of the institution’s customers.
“HSBC became aware of online accounts being accessed by unauthorized users between October 4, 2018 and October 14, 2018,” the bank wrote in a data breach notification letter submitted to Californian authorities. The bank said it suspended access to online accounts for all impacted customers and initiated procedures for changing passwords for online banking accounts. It also said it added “an extra layer of security” to HSBC accounts, but didn’t go into details.
Commenting on this, Corin Imai, senior security adviser at DomainTools said:
“This is simply the latest in a long line of breaches indicating that we as an industry have room for improvement in how we handle and protect sensitive data. Financial institutions have been making large strides in protecting customer data since it is among the most valuable data to steal, and potentially the most damaging type of PII to be exposed. It appears that HSBC is taking the proper steps in notification and handling of impacted customers.”