- The attack occurred between October 4 and October 14, 2018.
- The compromised data includes full names, email addresses, phone numbers, physical addresses and more of customers.
HSBC Bank USA, an American subsidiary of UK based HSBC, has suffered a data breach that resulted in the compromise of personal data of several customers. Although the number is not yet known, the bank has confirmed that the attack occurred between October 4 and October 14, 2018.
According to the data breach notification, the firm found that a number of online accounts were accessed by unauthorized person(s) during the said time period.
Upon discovery of the breach, HSBC immediately suspended the online access to the accounts in order to prevent further damages.
“HSBC became aware of online accounts being accessed by unauthorized users between October 4, 2018, and October 14, 2018. When HSBC discovered your online account was impacted, we suspended online access to prevent further unauthorized entry of your account,” said the bank in the data breach notification.
Among the data compromised, the attackers may have gained access to full names, email addresses, phone numbers, physical addresses, dates of birth, account numbers, account types, account balances, transaction history, payee account information statement history of customers.
Preventive measures taken
As a response to the security incident, HSBC bank USA has improved the authentication process of the online banking. In addition, it is also offering a subscription to credit monitoring and identity theft protection services.
The firm has suggested its customers that they should monitor their online banking accounts for any unauthorized transactions. It has also advised users to review their credit reports in order to spot out any fraudulent activity.