The DDoS attack rained down on the bank and its customers for most of this morning and locked punters out of a range of online banking services at a time when minds were turning to the pub and the weekend.
Alex Kwiatkowski, a senior strategist at software group Misys, said the attack was “very concerning” and “shines a bright spotlight” upon HSBC’s systems weaknesses. It told customers it was working hard to restore service adding: “We apologise for any inconvenience”.
Anyone attempting to access their account was receiving an error message on Friday morning reading: “We’d like to apologise to all our customers for Online Banking being unavailable”.
The previous failure occurred just a few days into the new year and was caused by a glitch in HSBC’s IT systems, rather than a hacker attack.
The bank says its working with law authorities to identify the attackers, but remains offline and – in an ominous note on Twitter – advises that all branches will be open on Saturday.
The attack may affect customers on pay day and comes two days ahead of the deadline for filing self-assessment tax returns and paying personal taxes.
A CYBER attack against HSBC has caused disruption for customers trying to log in on a key day for managing their money.
Some DDoS attacks are used by attackers as a smoke screen, to keep security teams busy while a more serious compromise is underway.
It is the second outage to face HSBC this month.
Those problems in early January were due to a “complex technical issue” with its internet banking systems and not a cyber attack or any other malicious act, HSBC said.
However, the fact that online banking remains now inaccessible suggests that recovery is not yet complete.
It was not yet clear whether First Direct customers had also been affected by the attack.