London-headquartered HSBC has confirmed that online bank accounts of its customers in the US were illegally accessed about a month ago, with possibly compromised data including account numbers and transaction history.
In response to the cyber incident, which took place between October 04 and 14, the banking giant suspended access to prevent further unauthorized entry; contacted affected clients to assist them in changing their online banking credentials; and enhanced its authentication process to add another layer of security.
“We apologize for this inconvenience,” stated the lender in the notice of data breach seen by Insurance Business. “HSBC takes this very seriously and the security of your information is very important to us.”
Other details that unauthorized users may have got hold of are customers’ full names, mailing addresses, phone numbers, email addresses, date of birth, account types, account balances, payee account information, and statement history.
Meanwhile, “out of an abundance of caution,” HSBC said it will also offer a complimentary one-year subscription to a credit monitoring and identity theft protection service.
It is believed that less than 1% of the US clientele has been impacted.