Cyber Incident Victim: HSBC

On 12 July 2016, the hacker group OurMine claimed responsibility for a cyberattack targeting HSBC's servers in the US and UK. The group announced the attack via a public post, stating they had "checked HSBC Bank security" and successfully taken down the bank's website. OurMine directed HSBC employees to contact them through their website to stop the attack and receive unspecified security protection advice. The group later issued a second update confirming they had ceased the attack after communicating with an individual identified as HSBC staff. While OurMine asserted the takedown, the duration of the outage remained unverified, with external reports indicating HSBC's US and UK websites appeared operational by the morning of 13 July. No independent confirmation of the attack's technical details or scope was provided in available reports, and HSBC had not issued an official statement at the time of media coverage.

OurMine characterized itself as a "white hat" collective conducting "vulnerability assessments," emphasizing claims of having "no bad intentions" and focusing on "security and privacy." The group had previously targeted high-profile technology executives including Mark Zuckerberg, Sundar Pichai, Jack Dorsey, and Marissa Mayer, typically hijacking social media accounts to post messages about "testing" security. Their operations also included a brief disruption of WikiLeaks' website prior to the HSBC incident. IBTimes UK attempted to contact HSBC for comment but received no immediate response. The incident represented an expansion of OurMine's activities beyond individual tech figures to major financial institutions, though the operational impact on HSBC's services remained unclear due to lack of corroborating evidence from external monitors or the bank itself.