Feb 1 2016
HSBC is working with law enforcement to catch those behind a denial of service attack that forced its personal banking websites in the UK to shutdown, its second major service outage this month.
Europe's largest lender said it had "successfully defended" its systems against a distributed denial of service (DDoS) attack but it was experiencing fresh threats, impeding full restoration of its services.
"HSBC's internet and mobile services have partially recovered, and we continue to work to restore a full service," John Hackett, UK chief operating officer, said in a statement.
"We are closely monitoring the situation with the authorities."
The outage began on Friday morning. Services were restored late in the day.
Dozens of customers took to social media to vent their anger. They were advised to use the bank's mobile banking application but some reported access difficulties due to high demand.
The attack coincides with the first full pay-day of the year for many Britons and runs close to a deadline for the submission of personal tax returns.
Several technology failures have hit Britain's retail banks in recent years, prompting lawmakers to call for improvement.
"Bank IT systems just don't seem to be up to the job," Andrew Tyrie, Conservative lawmaker and chairman of the Treasury Committee, said in a statement. "It could be leaving the banking system, and with it the economy, exposed to the risk of systemic failures."
Thousands of HSBC's UK customers were affected by a blackout on its personal banking online services in the first week of January.
HSBC gave no explanation for that glitch but confirmed it was not due to a cyber attack or malicious act. Technicians restored service after two days.
The bank said customer transactions were not affected by Friday's breach, which appeared to be aimed at disrupting and causing embarrassment to HSBC.
"We've seen DDoS attacks against banks used as a smoke screen and cover for other nefarious activities such as cyber-heists ... large value money transfers, or the bulk theft and removal of consumer account data," said Robert Capps, vice president of business development at NuData Security.
Financial crime costs the UK economy £52 billion (A$105 billion) a year, delegates at the Wealth Management Association's financial crime conference heard earlier this week.
Special Inspector James Phipson, commercial director of the economic crime directorate at City of London Police, also told the event that only 12 per cent of cybercrime is ever reported.