Tesco Bank attack: ‘Unprecendent and serious’ hack investigated

Tesco Bank has pledged to reimburse all customers who lost out money by Tuesday night

Click to follow
The Independent Online

The cyber attack on Tesco Bank that saw money stolen from 20,000 accounts is “unprecedented and serious”, the chief executive of the Financial Conduct Authority has said.

Tesco Bank has taken the drastic measure of temporarily halting all online transactions on Monday after 40,000 customers saw suspicions transactions on their savings accounts over the weekend. Half of the customers have seen hundreds of pounds taken from their accounts.

Andrew Bailey was facing questions from the Treasury Select Committee on Tuesday, where he acknowledged there was a shortage of talented tech staff within the banking sector.

He said: “There are elements of this that look unprecedented and it is serious, clearly."

“Millions of customers remain unnecessarily exposed to the risks of IT failures, including delays in paying bills and an inability to access their own money ... We can't carry on like this.”

Tesco Bank chief executive Benny Higgins said the bank was working with the authorities to identify those responsible.

The National Crime agency (NCA) is now leading the investigation into the case, which could be one of the most serious cyber attacks in the history of British banking.

Peter Roe, from IT analyst firm TechMarketView, said: “This looks like the most serious, and certainly the most visible, of the various difficulties suffered by the UK banking sector in recent times. The number of accounts affected suggests that this is a systemic failure of security around Tesco’s core database.”

Tesco Bank has pledged to reimburse all customers who lost out money by Tuesday night.

Jay Floyd, head of fraud strategy and solutions at ACI Worldwide (EMEA), said banks should be better prepared to deal with cyber threats: 

“An attack like this needs to kickstart a complete review of the bank’s internal fraud prevention strategy. Examining the timing of the fraud will also be key; the fact that the attack happened over the weekend when fraud departments can be thin on the ground, is an important factor which needs to be looked at.”