Online criminals attacking HSBC ‘all the time’, says head of UK arm

TruthLens AI Suggested Headline:

"HSBC UK Chief Highlights Continuous Cybersecurity Threats and Significant IT Investments"

Online criminals attacking HSBC ‘all the time’, says head of UK arm analysis cover image

The Guardian 7.8

Image Source: https://i.guim.co.uk/img/media/5d2c3e53e5af57db514bb9365e7de7559e441cdf/343_0_1328_1062/master/1328.jpg?width=1200&height=630&quality=85&auto=format&fit=crop&overlay-align=bottom%2Cleft&overlay-width=100p&overlay-base64=L2ltZy9zdGF0aWMvb3ZlcmxheXMvdGctZGVmYXVsdC5wbmc&enable=upscale&s=d66e94445d71c9fa4346b95208f1a6df

Original Article Source: https://www.theguardian.com/business/2025/may/20/hsbc-uk-ian-stuart-treasury-select-committee-banks-cybersecurity

View Raw Article Source (External Link)

Raw Article Publish Date: 20 May 2025

AI Analysis Average Score: 7.8

These scores (0-10 scale) are generated by Truthlens AI's analysis, assessing the article's objectivity, accuracy, and transparency. Higher scores indicate better alignment with journalistic standards. Hover over chart points for metric details.

TruthLens AI Summary

The head of HSBC's UK division, Ian Stuart, has highlighted the ongoing threat of cyberattacks facing the bank, stating that they are 'being attacked all the time.' This alarming scenario has led HSBC to allocate significant resources towards cybersecurity, making it the bank's largest expense, amounting to hundreds of millions of pounds. In a session with the House of Commons Treasury committee, Stuart emphasized that ensuring robust defense mechanisms is critical to safeguard customer trust and maintain the integrity of their digital services. He pointed out that the shift towards digital banking has intensified the need for reliable IT systems, especially as more customers transition from traditional branch banking to online platforms. With HSBC processing approximately 1,000 payments per second and implementing around 8,000 IT changes weekly, Stuart acknowledged the challenge of maintaining continuous service availability, indicating that while no bank can guarantee uninterrupted service, the focus should be on rapid recovery from disruptions.

The discussion also touched upon the broader implications of IT failures within the banking sector, which have drawn increasing scrutiny in recent months. Reports suggest that customers at major banks have experienced over a month of IT outages between January 2023 and February 2025, highlighting the systemic vulnerabilities present in the industry. A notable incident involved Barclays, whose recent outages were attributed to software issues linked to a third-party provider. Barclays' UK operations chief, Vim Maru, expressed regret over the disruptions and assured customers that measures are being taken to prevent future occurrences. Both banking leaders stressed the importance of investing in technology and infrastructure to combat the growing threats posed by cybercriminals and maintain operational continuity for their clients.

TruthLens AI Analysis

The article reveals significant insights into the ongoing cybersecurity challenges faced by HSBC and the banking sector as a whole. Ian Stuart, the head of HSBC's UK division, emphasizes the persistent nature of online attacks, underscoring the bank's considerable financial investment in cybersecurity. This situation not only reflects the vulnerability of financial institutions but also raises broader concerns about the safety of digital transactions across various sectors.

Message and Public Perception

The primary intention appears to be raising awareness about the critical importance of cybersecurity in the banking sector. By highlighting the constant threat of attacks, the article aims to instill a sense of urgency among both consumers and lawmakers regarding the need for robust security measures. It also reassures the public that the bank is prioritizing their digital safety, which could foster trust among customers.

Potential Concealment of Issues

While the article focuses on the challenges of cybersecurity, it may downplay other operational issues HSBC might be facing, such as the implications of branch closures and the transition to digital banking. By concentrating on cybersecurity as the primary concern, the narrative could sidestep discussions about customer service quality or the overall impact of these technological shifts on customer experience.

Manipulative Aspects

The manipulation rate seems moderate, as the piece primarily aims to inform rather than mislead. However, the framing of cybersecurity as the biggest expense could be a subtle tactic to justify potential fee increases or resource allocations that may not directly benefit customers. The choice of language emphasizes urgency and necessity, which can influence public perception and expectations.

Trustworthiness of the Information

The information presented seems credible, particularly given the growing number of cyber threats in the financial sector. The statistics provided, such as the frequency of IT changes and the volume of transactions processed, lend weight to the claims made. However, the reliance on the bank's own statements without third-party verification could affect the overall trustworthiness.

Societal Implications

The focus on cybersecurity could lead to increased regulatory scrutiny of banks' IT infrastructures, potentially resulting in new legislation aimed at enhancing digital security. This may also influence consumer behavior, as customers might prioritize banks that demonstrate strong cybersecurity measures. If major outages continue to occur, it could lead to a significant loss of customer trust across the banking sector.

Target Audiences

The article seems to appeal primarily to consumers who are increasingly reliant on digital banking services, as well as policymakers concerned about the implications of cybersecurity on national financial stability. It may also resonate with stakeholders in the tech and finance sectors who are directly affected by the rising costs of cybersecurity.

Market Impact

This news could have implications for stock prices of banking institutions, particularly those with a significant digital presence. Investors may react to the news by reassessing the potential risks associated with cybersecurity threats, which could lead to volatility in bank stocks. Additionally, companies in the cybersecurity industry may see increased interest and investment as financial institutions look to bolster their defenses.

Geopolitical Context

While the article does not directly address global power dynamics, the increasing frequency of cyberattacks underscores a broader trend of digital warfare and security concerns in today’s interconnected world. The emphasis on cybersecurity aligns with current global issues regarding data protection and national security, reflecting the urgent need for comprehensive strategies to combat cyber threats.

Artificial Intelligence Considerations

There is no clear indication that AI was used in the writing of this article, but it is possible that data analytics tools informed the statistical claims. If AI were involved, it could have shaped the narrative by emphasizing certain aspects of cybersecurity or risk management that align with current trends in the industry.

In conclusion, while the article provides valuable insights into HSBC's cybersecurity challenges, it is essential to consider the broader implications of such narratives and the potential for manipulation in the communication of these issues. The focus on cybersecurity is timely and relevant, but readers should remain cautious of the underlying messages being conveyed.

Unanalyzed Article Content

Source URL: https://www.theguardian.com/business/2025/may/20/hsbc-uk-ian-stuart-treasury-select-committee-banks-cybersecurity

The boss of HSBC’s UK arm has said the bank is “being attacked all the time” by online criminals, with cybersecurity now its biggest expense, costing the lender hundreds of millions of pounds.

Ian Stuart sought to reassure MPs that cybersecurity was “very much at the top of our agenda”, amid growing concerns that other large businesses could fall victim to the kind of attacks that have caused chaos at retailers such asMarks & Spencerandthe Co-op.

M&S has been struggling for almost a month since its IT systems were targeted over the Easter weekend, with the attack hitting itsonline operationsand leaving some store shelves empty.

“It does worry me … We are being attacked all the time, so the defence mechanisms that you put in are absolutely critical,” Stuart told theHouse of CommonsTreasury committee on Tuesday. That involved “investing hundreds of millions of pounds”, he said. “This is our biggest expense in business.”

“The amount of money [that] banks, all of us, will be spending on our systems is enormous today – and it has to be. It has to be because our customers rely on digital technology all the time,” Stuart said.

The need to keep a bank’s systems operating seamlessly – 24 hours a day, seven days a week – has increased since bosses started increasing the pace of branch closures and pushing more customers into using digital apps and online banking.

Stuart said that, at a group level, HSBC alone processed 1,000 payments a second. Meanwhile, the bank was making about 8,000 changes to its IT systems every week. He said no bank would be able to guarantee that its services could stay online all the time. “So the skill is, how quickly can you recover?”

Banks’ IT systems have come under increased scrutiny in recent months, with customers at Britain’s largest banks and building societies having suffered the equivalent of more thanone month of IT failures between January 2023 and February 2025.

Those figures did not include the full impact of an outage at Barclays that startedat the end of Januaryand affected 56% of online payments during the crucial payday period for many employees. There has been further disruption at Barclays since then.

Get set for the working day – we'll point you to all the business news and analysis you need every morning

after newsletter promotion

Speaking to MPs on Tuesday, the chief executive of Barclays’ UK operations, Vim Maru, said the problems had been caused by software made by an external company.

“A software issue was the root cause, and we worked with a third-party provider that provides us with that software. We’ve learned the lessons around that. We’ve put a fix in place that means that we won’t have a recurrence. And then, looking forward, there’s a further enhancement that we’re making, which is in the middle of implementation,” Maru said.

The Barclays boss again apologised to customers affected. “We’re deeply sorry for the disruption that our technical issue on the 31st of January caused for our customers. We’ve clearly worked very hard to recover from that and make sure that we put the right steps in place,” he said.

Back to Home

Source: The Guardian