Cyber Incident Victim: HSBC
Date:
Jan 2016
Location:
United Kingdom
Summary
HSBC experienced a significant disruption to its UK online banking services due to a distributed denial-of-service attack, preventing customers from accessing accounts via the website or mobile app during a peak period coinciding with payday and tax filing deadlines. The institution stated it successfully defended against the attack without compromising customer transactions and worked to restore normal operations, though this marked the second major service outage affecting the bank within the same month. Service recovery efforts were ongoing while the organization apologized for inconveniences caused by the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 29, 2016, HSBC's UK online banking services experienced a significant disruption lasting several hours due to a Distributed Denial of Service (DDoS) attack. The attack targeted HSBC's internet banking platforms, impacting access through both the bank's website and mobile applications. Customers encountered persistent difficulties conducting online transactions or logging into their accounts during the morning hours, coinciding with one of the busiest periods for UK banking activity. HSBC publicly attributed the outage to the DDoS attack and issued a statement confirming the incident affected personal banking websites in the UK. The bank asserted its systems had successfully defended against the attack and emphasized that customer transactions remained uncompromised despite the service interruption. Technical teams worked to restore full functionality, with HSBC reporting gradual service resumption later in the day. This marked the second major operational disruption for HSBC within January 2016, though details of the prior incident were not specified in available reports.
The timing amplified the incident's impact, as the outage occurred on the final Friday of January—a day when many UK residents received monthly salaries and freelance workers faced deadlines for annual tax submissions. Customers expressed frustration through social media and news outlets regarding the inability to access critical financial services during this high-demand period. HSBC's communications framed the event as a successfully mitigated attack rather than a security breach, stating no transactional data or customer accounts were jeopardized. The bank issued a formal apology for the inconvenience but did not disclose technical specifics about the attack's scale, origin, or duration. Service restoration efforts continued throughout the day, with normal operations progressively resuming without further public updates regarding residual effects or long-term remediation steps. No additional threat actor claims or collateral impacts beyond the access disruption were documented in the immediate aftermath.