The CEO of HSBC UK, Ian Stuart, expressed serious concerns about the threat of cyber attacks during a recent Commons Treasury Committee session. Cyber-security emerged as the foremost issue discussed among various bank leaders.
Stuart stated, “It does worry me – we can be attacked and we are being attacked all the time.” Over the past two years, nine major UK banks and building societies collectively endured over 800 hours of technical outages, translating to approximately 33 days.
February witnessed a notable cyber incident affecting four high street banks—HSBC, Lloyds, TSB, and Nationwide—impacting more than 1.2 million retail banking customers. Additionally, a significant cyber attack targeted UK high street retailers, with Marks & Spencer reported to incur losses of £43 million a day while attempting to restore its services.
Stuart highlighted the substantial investments in IT security that banks must make due to rising cyber risks, stating, “The amount of money banks will be putting into our systems is enormous. The defense mechanisms you implement are absolutely critical.”
HSBC was among nine banks present at the Committee hearing, which also included representatives from Barclays, Lloyds, Nationwide, Santander, NatWest, Danske Bank, Bank of Ireland, and Allied Irish Bank. In total, these banks recorded 158 IT failures between January 2023 and February 2025.