On July 27, 2012, HSBC Bank USA National Association suffered a data breach caused by an employee who left the organization with sensitive customer information, which was potentially exposed as a result. The compromised data included personally identifiable details such as names, phone numbers, account numbers, and account types. The breach was formally reported to the California Office of the Attorney General on October 30, 2012, nearly three months after the incident occurred. The exposure of such data poses risks of identity theft, financial fraud, and unauthorized access to customer accounts. While the exact scale of the breach (e.g., number of affected customers) was not specified in the report, the nature of the leaked information, particularly account numbers, heightens the potential for malicious exploitation. The delay in disclosure further compounds concerns about the bank's incident response protocols and the safeguarding of customer trust. This incident underscores vulnerabilities in internal controls, particularly around employee access to sensitive data and offboarding procedures. The breach did not involve external cybercriminals or ransomware but stemmed from an insider threat, highlighting the need for stricter data governance and monitoring mechanisms within financial institutions.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-36836
TPRM report: https://www.rankiteo.com/company/hsbc
"id": "hsb042091825",
"linkid": "hsbc",
"type": "Breach",
"date": "7/2012",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Banking',
                        'location': 'USA (California)',
                        'name': 'HSBC Bank USA National Association',
                        'type': 'Financial Institution'}],
 'attack_vector': 'Insider Threat',
 'data_breach': {'data_exfiltration': 'Yes (by departing employee)',
                 'personally_identifiable_information': ['name',
                                                         'phone number',
                                                         'account number'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Identifiable '
                                              'Information (PII)',
                                              'Financial Data']},
 'date_detected': '2012-07-27',
 'date_publicly_disclosed': '2012-10-30',
 'description': 'The California Office of the Attorney General reported that '
                'HSBC Bank USA National Association experienced a data breach '
                'on July 27, 2012. The breach involved an employee leaving '
                'with potentially exposed information including name, phone '
                'number, account number, and account type.',
 'impact': {'data_compromised': ['name',
                                 'phone number',
                                 'account number',
                                 'account type'],
            'identity_theft_risk': 'Potential',
            'payment_information_risk': 'Potential (account numbers exposed)'},
 'post_incident_analysis': {'root_causes': 'Insider threat (employee departure '
                                           'with sensitive data)'},
 'references': [{'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'California Office of '
                                                       'the Attorney General'},
 'response': {'communication_strategy': 'Public disclosure via California '
                                        'Office of the Attorney General'},
 'threat_actor': 'Former Employee',
 'title': 'HSBC Bank USA Data Breach (2012)',
 'type': 'Data Breach'}