HSBC Watch News Release Forum Index
Forum Name: - HSBC Identity Theft
Topic Title: HSBC knew about security loophole
Fri Aug 11, 2006 9:29 am
One of Britain's biggest high street banks knew about a security loophole in its online banking service that left millions of accounts open to fraud and did nothing about it for almost two years. HSBC initially denied the defect in its computer banking but conceded yesterday that the problem had been known about since the system was introduced.
The defect, uncovered by researchers at Cardiff University and exposed in The Guardian on August 9, 2006, was the result of a conscious decision by those building the system two years ago, a spokesman for the bank said. "It wasn't there accidentally," he said. "When the system was being designed, research was done into it and the decision was made [to leave the loophole]. Often times these are judgment calls."
Industry professionals say it is common for companies to know about large numbers of flaws while designing their online banking systems, but often they leave some to concentrate on other problems. HSBC said the system's builders had decided against closing the loophole to focus on more pressing threats.
HSBC continues to publicly deny that there may be a failure of security procedure, but the acceptance that it knew about the flaw for almost two years is a shift in its stance.
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Thinking of making a debt settlement offer? See common 
We monitor customer trends for possible violations of Regulation Z and other possible illegal actions.