HSBC has had its share of security issues in the past. But this week’s confirmation that a former IT specialist in its employ stole tens of thousands of customer files and then tried to sell them to banks and tax authorities is by far the private bank’s most troubling incident to date.
When HSBC investigators first unearthed this latest security gaffe last year, it figured only a small number of clients’ data was exposed. Turns out, it was almost 15 percent of its total customer base.
HSBC officials said the account information was stolen by Herve Falciani, a former IT specialist who was based in HSBC’s Geneva branch. Falciani later tried unsuccessfully to sell the client data files to Lebanese banks before handing it over to French tax authorities, presumably for the purpose of tracking down French residents who tried to hide assets in the private foreign bank.
eSecurity Planet details how HSBC was caught unawares by a trusted employee and what it and other banking and financial service providers are increasing their IT security spend to prevent future breaches of their networks and their customers’ trust.
HSBC this week confirmed that a data theft it first uncovered last year impacted more than 24,000 people, or 15 percent of its total clients, a far cry from the 10 customers it originally said were affected.
The London-based private bank on Thursday said approximately 15,000 current clients and another 9,000 former clients with HSBC accounts in Switzerland had their account data swiped in 2006.