HSBC has blamed a denial of service attack for the downtime of many of its websites worldwide overnight, The Register reports.
Users said they were unable to reach the HSBC UK and First Direct websites on Thursday, Oct 18, leaving them unable to carry out internet banking services. Problems kicked in just before 20.00 BST and lasted for around seven hours.
Unconfirmed reports suggest that HSBC was targeted by the Izz ad-Din al-Qassam Cyber Fighters as part of a current campaign to get the controversial Innocence of Muslims video removed from YouTube.
The group also took credit for interrupting customer access to the websites of Capital One earlier this week, again without warning. The same group staged a series of digital sit-in (denial of service) attacks against U.S. banks including Bank of America and Chase last month.
Security researchers analyzing the earlier attacks quickly came to the conclusion that they were largely powered by botnet networks of malware-infected PCs.
In a statement, HSBC said that attacks had affected customers worldwide, and reassured clients that sensitive account data was not exposed by the attack:
“On October 18, 2012 HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world. This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking. We are taking appropriate action, working hard to restore service. We are pleased to say that some sites are now back up and running. We are cooperating with the relevant authorities and will cooperate with other organizations that have been similarly affected by such criminal acts. We apologize for any inconvenience caused to our customers throughout the world.”
An updated statement from HSBC said that by 03.00 BST, it had brought all its websites worldwide back into service.
