HSBC, one of the world’s largest leading banking and financial services organisations, serving 17 million personal banking and business customers in the UK, are the latest company to fall victim to a large scale cyber attack.
From the early afternoon of Friday 29th January, HSBC customers were locked out of their internet banking accounts for several hours after the bank experienced a denial of service attack by unknown online criminals. A denial of service attack is when a single website is swamped with traffic in an attempt to bring it down.
RECOMMENDED READ: The UK’s latest data breaches
The attack, which fell on the last working day of the month, would have been a particularly busy day for online banking, as many customers would have received their first pay packet of the New Year – creating countless inconveniences for customers.
The bank’s UK division took to Twitter to keep customers informed commenting, “HSBC is working closely with law enforcement authorities to pursue the criminals responsible for today’s attack on our internet banking.”
The bank has alluded that there’s been no indication of customer’s data being at risk of theft during the attack, but that they are working with the government backed Computer Emergency Response Team, Cert-UK, to identify the responsible criminals that caused hours of chaos. Over 9 hours after their initial tweet to customers, they confirmed “HSBC internet and mobile banking are now fully recovered. Thanks for your patience and again we apologise for the disruption.”
This is the second issue the bank has experienced in a month where customers have been locked out of online services, although HSBC confirmed that the first issue was due to a complex technical issue, not the result of a cyber attack.
HSBC suggested customers should visit their local branch for any urgent transactions, offering a link on their Twitter page for followers to locate their nearest open branch. The bank also released a statement outlining that all major branches would remain open the following day, Saturday 30th January, due to the inconvenience customers had faced. It was confirmed that customer transactions were not affected, although their internet and mobile services had only been partially recovered by late afternoon; with customers understandably becoming frustrated.