The Guardian newspaper reports that a security defect at HSBC bank has left millions of online bank accounts exposed to potential fraud. The Guardian has learned the defect in HSBC's online banking system means that 3.1 million UK customers registered to use the service have been vulnerable to attack for at least two years.
The discovery was made by a group of researchers at Cardiff University, who found that anyone exploiting the flaw was guaranteed to be able to break into any account within nine attempts.
The flaw, which is not being detailed by the Guardian, revolves around the way HSBC customers access their web-based banking service. Criminals using "keyloggers" - can easily deduce the data needed to gain unrestricted access to accounts in just a few attempts.