GLOBAL BANKING ORGANISATION HSBC has confirmed that its servers were hit by a denial of service attack last night that took down a number of its websites, and the Anonymous group has been quick to take credit.
The firm does not know why it was targeted. A Twitter account called @Fawkessecurity has taken credit for the attack and has posted a statement to Pastebin.
"As some of you may be aware HSBC bank suffered several DDoS attacks on the named sites in the past hours us.hsbc.com hsbc.co.uk hsbc.com hsbc.ca they were all brought down by #FawkesSecurity," it says. "The proof is all in our Twitter account, Targets, time and date :) @FawkesSecurity".
A Youtube video has also been released, but no reason for the attack has been revealed.
According to HSBC's statement, no customer data was affected but customers will have struggled to access its online systems. The firm has told the authorities and is working with them on tracking down the culprits.
"HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world. This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking," it said in a statement.
"We are taking appropriate action, working hard to restore service. We are pleased to say that some sites are now back up and running. We are cooperating with the relevant authorities and will cooperate with other organisations that have been similarly affected by such criminal acts. We apologise for any inconvenience caused to our customers throughout the world."
The websites recovered a few hours later and HSBC says that everything is now back to normal. It thanked customers for their patience.
While the HSBC statement claims that no customer data has been affected, the Fawkessecurity Twitter account claims otherwise.
In a statement it disputed the bank, saying, "This isn't entirely correct. We also managed to log 20,000 debit card details." µ
You can't fault them for speed
Investigation reveals that malicious code was injected into the firm's payment page
Plus the three-for-free
And it's not just on Ubuntu, neither