HSBC blames data breach on password reuse
In November 2018, HSBC announced a serious data breach in its US business between October 4 and 14, when fraudsters used credential stuffing to gain access to detailed account information relating to about 1% of its 1.4 million US customers. HSBC said that in response it had strengthened its login and authentication processes and implemented additional layers of security. The bank gave affected customers a year's credit monitoring and identity fraud protection, and reminded customers to use unique passwords.
writer: Laura Noonan and Nicholas Magaw
publication: Financial Times