Cybercrooks have uploaded data allegedly revealing the personal details of HSBC USA bank customers, including bank account numbers and transaction details. The Cybernews research team says there are indications that the leaked data is legitimate. Meanwhile, the bank says it did not suffer a data breach.
-
Cybercriminals posted alleged HSBC USA data including account numbers, SSNs, and transaction histories online.
-
Leaked sample contains names, addresses, birthdates, phone numbers, emails, and stock order details.
-
HSBC USA denies breach occurred, stating investigations found no evidence of compromised systems or providers.
Attackers uploaded the post about the alleged data breach to a popular data leak forum, which malicious actors typically use to exchange stolen data. The post’s author claims the database was obtained via a coordinated effort.
HSBC USA told Cybernews the bank is aware of the claims yet an investigation revealed that there are no indications the company suffered a data breach.
“HSBC has reviewed the claims and can confirm there is no indication that HSBC US or its service providers have been impacted by a data breach,” the banks' spokesperson told Cybernews.
“The claims made by this threat actor are false. HSBC conducted a thorough investigation and reviewed the sample data set posted by the threat actor. We have determined that the sample does not comprise legitimate HSBC customer data and that the sample data did not originate from any breach of HSBC systems or those of any of our service providers. There is no indication any HSBC customer data has been exposed,” the banks' spokesperson added.
Meanwhile, the Cybernews research team investigated the data sample provided in the attackers’ post. According to the team, the supposedly stolen details appear to include a list of HSBC USA clients revealing their:
- Full names
- Addresses
- Social Security numbers
- Dates of birth
- Phone numbers
- Email addresses
- Transaction histories
- Stock orders
- Bank account numbers
At least in theory, attackers could utilize the stolen details for numerous illicit activities. For one, cybercriminals could use the data for identity theft by opening fraudulent accounts or filing fake tax returns.
Details such as transaction histories could be exploited by scammers who analyze spending patterns to craft spearphishing attacks. Attackers could also attempt to use the details for social engineering attacks, impersonating legitimate institutions.
“For HSBC USA, the leak could cause reputational damage and even lead to client loss as they may try to move their portfolios elsewhere,” our team explained.
The data sample that the attackers provided doesn’t paint the full picture of what’s inside the stolen dataset. For example, it’s unclear if the data belongs to retail banking customers. If so, the details could be a lot older than attackers claim, as HSBC USA has already exited the mass retail market in the USA.
However, according to the team, the dates in the sample indicate that the information is several weeks old. In that case, the stolen database could refer to the bank’s corporate and institutional clients.
Earlier this year, HSBC announced its exit from its business banking portfolio in the US. The UK-headquartered HSBC is one of the largest financial institutions in the world with revenue exceeding $62 billion and an employee count of around 220,000.
Updated on October 28th [07:30 a.m. GMT] and October 30th [12:40 p.m. GMT] with statements from HSBC USA.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked