13th November 2018

HSBC data breach serves a stark warning for customers to do all they can to protect their data

HSBC US has suffered a breach of its customer accounts; hackers are believed to have gained access (via the HSBC online app) to information including account numbers and balances, statement and transaction histories and payee details, as well as users' names, addresses and dates of birth.

Commenting, David Emm, Principal Security Researcher at Kaspersky Lab, said: “[The] news of the HSBC breach – the data of which was obtained using credentials from earlier cyber-attacks – serves a stark warning for customers to do all they can to protect their data.

"There is an alarming amount of information about us online, from bank account details to dates of birth, which cybercriminals are always looking to exploit. A recent Kaspersky Lab study showed that people have lost control of their personal data – with 2-in-3 Europeans unaware of who knows what about them online – highlighting the need for an increased awareness of what data is held and by whom, and how this can be protected.

"This includes securing devices used to access online banking with up-to-date Internet security software. Consumers must make sure that they are not using the same passwords for multiple sites – it is possible that the data stolen from HSBC was done so using credentials from earlier breaches.

"Consumers must use only the official banking app installed from a trusted source, rather than through an internet search engine, and they should never share their account login information with third-party apps.”