HSBC Holdings under investigation after Swiss data theft


HSBC Holdings under investigation after Swiss data theft

Warwick Ashford

Swiss financial sector regulator FINMA is investigating the theft of data from up to 24,000 clients of the Geneva private bank of HSBC Holdings.

The bank said it has contacted the affected customers, but does not believe the data has or will allow any unauthorised person to access their accounts.

The data was stolen in 2006 and 2007 by former IT employee, Herve Falciani, who tried to sell the stolen information for more than £2m in France.

The theft has raised concerns that UK and other tax authorities will user the information to identify potential cases of tax evasion.

But HSBC said the French authorities had informed their Swiss counterparts that the information would not be used inappropriately.

FINMA is investigating whether HSBC failed to meet legal requirements to prevent data theft.

Falciani was able to steal the data using privileged account access while working on a project to transfer the bank's database to a more secure system.

"This is yet another powerful example of the significant risk of unmanaged and unmonitored privileged accounts," said Udi Mokady, chief executive at security firm Cyber-Ark.

But it is also surprising, he said, because most organisations now understand the high risk of not using the available tools for controlling their privileged accounts and superusers, and not recording their privileged sessions.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy