Customers of HSBC in the United States have had their personal details including account numbers and transaction history exposed in a data breach. Whilst the bank has made no official statement on the matter, the breach came to light after a template of the alert sent to customers was posted online by the California Attorney.
The probabilities of you having your personal information hacked is realistically 100%. So, we all need to be on our toes. However, at the top of the list of worst places to be hacked is your bank. HSBC announced that hackers breached "some" HSBC accounts in the US in October and accessed their information. Of course, it is not immediately known how many accounts were breached.
This is what is troubling. They aren't sure or they don't want to disclose how many accounts have been hacked. This is what is unfortunate. It is the lack of corporate accountability that is troubling. Although HSBC "regrets this incident", to what lengths are they going through to discover the extent of the breach and those who have been compromised AND reporting it? Like most corporations they are desperately trying to limit the PR hit.
Meanwhile they are offering up 1 year of credit monitoring to those affected. If you bank at HSBC, I would do the following:
Change all of passwords
I would audit my bank accounts and make sure that nothing suspicious has taken place
If I know I was effected, I would close accounts and change bank account numbers. I wouldn't take chances.
Finally, I would initiate a free credit freeze (go to this link to learn how - link to older blog). Just in case social security information was compromised, I would lock up my credit files with a credit freeze.
The big test comes in how this bank handles this situation. If they are not quick to fix things and forthcoming with details. I would change banks. I wouldn't want to bank with any company where the PR spin was more important the customer information safety.