Maybe we should state the obvious here. HSBC is a bank. So they are a target. It is also worth pointing out that they know they are a bank and should know that they are a target. Another thing they should know is that there are ways to economically raise defenses and then test that those defenses were really raised. Anyway, here is what American Banker tells us:
A small number of HSBC online banking customers — less than 1% of accounts — were breached last month by unauthorized users, the bank acknowledged Tuesday. HSBC sent a disclosure notice Nov. 2 to customers saying the breaches occurred between Oct. 4 and Oct. 14 of this year. The bank suspended all affected accounts. Customer information that may have been accessed includes full names, mailing addresses, phone numbers, email addresses, dates of birth, account numbers, account types, account balances, transaction history, payee account information, and statement history.
Read about the HSBC Bank data breach on American Banker.