HSBC suffered a distributed denial of service (DDoS) strike last night, which saw a number of customer-facing services disrupted.
Hacktivist group Anonymous has claimed responsibility for the attack.
The bank said systems were back up and running smoothly at 03:00 am UK time, although it could not provide details on when the DDoS started, other than to say it occurred on 18 October.
It affected “a number of HSBC websites around the world”, HSBC said. “This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking.
“We are cooperating with the relevant authorities and will cooperate with other organisations that have been similarly affected by such criminal acts.”
An Anonymous splinter cell going by the name of FawkesSecurity has taken credit for the hit. “The proof is all in our Twitter account, targets, time and date,” a Pastebin from FawkesSecurity read. The post contained the traditional Anonymous sign off, ending with “expect us”.
According to the Twitter messages, HSBC was hit on five fronts, including the UK, French, Canadian and US customer-facing sites. FawkesSecurity said sites were downed for at least 20 minutes. They claimed the DDoS strikes started around 10pm last night.
FawkesSecurity, speaking via YouTube video, warned “greedy banks, law enforcement, worldwide governments and corrupt corporations that this is far from over”.
Banks in the US have been battered by DDoS attacks over the last month, including major institutions like Wells Fargo and Bank of America. Ally Financial appears to have been the most recent target.
Other kinds of attacks have been threatening the financial sector of late. Security firm RSA recently warned of a massive “Trojan attack spree” due to be launched against US banks later this year.
RSA said a cyber army of 100 botmasters could be running the attack, which will amount to “the most substantial organized banking-Trojan operation” ever, if it goes ahead.
UPDATE: TechWeekEurope has spoken to the owner of the @FawkesSecurity Twitter account, who said more attacks on UK banking institutions were coming.
“We’ll be targeting a long list of financial institutes and banks in the weeks to come,” they said. “Barclays, RBS and Lloyds TSB. Were [sic] using a widely distributed botnet, but we’d rather not give too much info away yet.”
Like Internet anonymity? Try our Anonymous quiz!
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…