New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


HSBC Confirms Data Breach

HSBC USA, the sister company of the UK based bank HSBC, were victim of a breach that occurred between October 4th and October 14th. The number of victims is unknown at this time, however unknown parties gained unauthorized access to certain accounts . As a preventative measure, the bank suspended access to online banking to halt any further attempts to access accounts and information. Until more information is released, there is not complete certainty as to what was accessed, but thus far it is believed that full names, email addresses, phone numbers, physical addresses, dates of birth, account numbers, account types, account balances, transaction history and payee account information statement history of customers were accessed. The bank reported that it believes less than one percent of its US customers were affected. All customers had been notified in an appropriate time frame and HSBC is feverishly investing the situation to assess what has officially happened.

Analyst Notes

As always, it is important for users to monitor their accounts for any unwarranted transactions or logins. Requesting credit reports is a much more black and white way to tell if there is any fraudulent activity on user accounts. Users should always take full advantage of credit monitoring and identity theft services when available from the bank. Good monitoring practices should become a common practice for everyone and should not just begin when a breach is discovered. If a user has not yet been affected by a breach, they may benefit from looking at their bank’s online banking, and requesting their bank to improve the authentication process if they feel it is lacking the proper security measures.