HSBC insider breach: Fallout continues for private banking clients and the bank
The HSBC data theft by their former employee Hervé Falciani is finally getting a lot of mainstream media attention here, with 60 Minutes doing a segment on Falciani last night (video).
The computer files, which Falciani shopped to a number of governments, reveal that HSBC, one of the largest banks in the world, profited from its private banking arm that did business with “arms dealers who channeled mortar bombs to child soldiers in Africa, bag men for Third World dictators, traffickers in blood diamonds and other international outlaws,” according to the International Consortium of Investigative Journalists.
If the leak and its implications are news to you, you haven’t been reading this blog for long, as I’ve been covering this insider breach and its consequences for the bank and tax evaders since 2009. Searching this blog for “HSBC Falciani” will take you to some of the previous coverage. Or head on over to the International Consortium of Investigative Journalists to take a look at their project on these leaks and their backgrounder on Falciani. The Guardian also running a big piece on the breach and resulting investigations.
Expect to see a lot of pieces as individual athletes, politicians, and celebrities make headlines as their attempts to evade taxes get picked up by the media. But don’t lose sight of the bigger issues. Did HSBC engage in felonious behavior under our laws, and if so, what will happen to the bank? Did HSBC make privacy and data security assurances to its private banking clients that it failed to keep? And when we think about damage from external threats vs. internal threats, how do we calculate the financial damage/injury from this one? While the JPMorgan Chase hack made lots of headlines this summer (and rightfully so), the HSBC breach may stand as one of the worse, if not the worst, breach ever in the financial sector, even though the number affected is not as great as some other breaches.