Hacker Group Claims it Stole Debit Card Details from HSBC During Cyberattack

Print
Email
Reprints
Comment
Twitter
LinkedIn
Facebook
Google+
Partner Insights

One of two groups that claim responsibility for a cyberattack on HSBC (HBC) says it did more than slow service to customers despite the bank’s statements to the contrary.

Anonymous, a collective that says it flooded lines between the $2.7 trillion-asset bank and the Internet on Thursday to prevent customers from logging on to their accounts, said Friday it also made off with information about tens of thousands of debit cards.

“When HSBC said ''user data had not been compromised'' This isn't entirely correct,” Anonymous tweeted on Friday.  “We also managed to log 20,000 debit card details.”

“Were debating whether to release them or not, HSBC knows debit details were intercepted, They probz won't admit it tho,” the group added.

The bank said Thursday its websites had endured an electronic assault but that information belonging to customers remained untouched.  “This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking,” the company wrote in a message posted on its website.

HSBC did not respond immediately to a request for comment on Anonymous’ contention.

A group that calls itself Izz ad-Din Al Qassam Group, which has claimed responsibility for recent cyberattacks on at least nine other banks, also took responsibility for the assault on HSBC.  The Al Qassam Group has vowed to attack banks in retaliation for an American-made, anti-Islam film. 

For its part, Anonymous also has identified other banks the group says it will target as part of its cyber offensive.  “RBS, Lloyds TSB and Barclays are next,” the group tweeted Friday morning, before tweeting that Barclays would be its next target. 

A spokesman for Barclays declined Friday to comment on the threat.

Though the attacks have disrupted online banking and frustrated customers, one unknown that accompanies them is whether they also entail fraud. Shifting claims of responsibility also cloud the hackers’ contentions. 

“If it was the Middle Eastern guys, then Anonymous could not get into the system,” Avivah Litan, vice president and distinguished analyst at Gartner Research, told American Banker. “The truth is, if they weren’t the ones who committed the crimes it would be hard for them to get access.” 

Anonymous has demonstrated it can sow chaos successfully, but the group has yet to show it has the know-how to hack its way past a bank’s defenses, according to Litan.  “It’s pretty clear it came out of Iran and that’s it’s a different group than Anonymous,” Litan added.

Iran has denied any role in the slowdowns.

Litan says the attacks, which began with an assault on Bank of America in September, have occurred with unprecedented force.  “They’re flooding the lines with 100 gigabytes of data a second,” Litan said.  “That’s never happened before.  The systems that usually mitigate against these attacks were rendered useless.”

JOIN THE DISCUSSION

SEE MORE IN

Five Mobile App Features that Show Yes, Banks Can Innovate

Fintech startups claim to out-innovate banks. But financial institutions sometimes break new ground. Here are five examples of banks that are testing and launching mobile app features capable of much more than showing an account balance.

Image: iStock

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments:
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.
Already a subscriber? Log in here
Please note you must now log in with your email address and password.