International banking giant HSBC has reported that it was breached in October, as a result of a credential-stuffing attack.
In a notice [PDF] filed with the state of California, the bank said that it became aware of some online accounts being accessed by unauthorized users between October 4 and 14. The hack affected a segment of the bank’s U.S. customers — less than 1 percent of its U.S. client base, it told the BBC, though exact numbers have not been released.
The incident exposed names, addresses and dates of birth, along with banking-specific information like account numbers and balances, statement and transaction histories, and payee account numbers.
Read more about the HSBC data breach on Threatpost.