Tescos Online Banking Thefts
Tesco Bank is reported to be working with the National Crime Agency to investigate an incident where suspicious transactions resulted in money being taken from thousands of customer current accounts.
In what was described by Tesco as a ‘sophisticated’ attack last weekend, suspicious transactions were spotted by Tesco’s automated monitoring systems in an estimated 40, 000 customer accounts. In what many security commentators are saying appears to be a bank hack on an unprecedented scale, Tesco moved to suspend all transactions while the event was taking place.
Refund Pledge Made Good.
Tesco is reported to have already made good on a pledge to refund any money taken from the customer accounts in the attack. Latest reports show that the 9,000 account holders affected have now been given a total of £2.5 million in refunds.
Core System Thought To Be Safe.
Security commentators have suggested that because customers were still able to ATMs the indications are that the core computer system looks unlikely to have been affected. Tesco did, however, suspend online debit transactions and blocked customers from making online payments using their debit card since Sunday to prevent further criminal activity.
Not Many Current Accounts.
Although Tesco Bank has 7.8 million customers, it only has 137,000 current accounts, with the rest of the business being based around loans and credit cards. This is a much smaller number of current account customers than the big 4 banks of Lloyds Banking Group, HSBC, Royal Bank of Scotland and Barclays.
The speculation by some security commentators at the time of the attack was that criminals may have been able to exploit an issue in a third party’s connection to Tesco’s website to get in.
Tesco, however, have since stated that they know the exact nature of the attack but are not able to say more because it is part of a criminal investigation.
Tesco Bank Chief executive Benny Higgins has apologised to customers.
What Does This Mean For Your Business?
The financial sector has been warned about the likelihood of cyber attack attempts and, as customers, it is frustrating to hear that major banks can be affected in this way.
It is noted that were the speed of response not as quick, the impact could have been a lot worse. This reinforces the fact that all companies need to maintain disaster recovery plans and policies to adhere to in the event of a major issue.