08.11.16: Tesco Bank face stinging criticism yesterday after 40,000 accounts were hacked, with 20,000 customers having their savings stolen, reports The Times.
Experts believe that customers hit by the huge cyberattack may have been the victims of an inside job. The news reported earlier today has caused outcry among customers and industry professionals alike as the bank allowed an estimated £17 million to be drained from accounts.
“This is just the latest in a long list of failures and breaches of banking IT systems”
Executives at the bank have been asked to explain to parliament what went wrong after thousands of people were left without access to cash. Security experts said that employee fraud of failure was the most likely explanation for the assault.
Last night it emerged that the American company responsible for stopping fraud at Tesco Bank was itself the victim of an extensive cyberattack, less than a year before being hired by the supermarket to build the computer system it now relies on.
Commenting on the news about Tesco Bank Rt Hon. Andrew Tyrie MP, Chairman of the Treasury Committee said:
“This is just the latest in a long list of failures and breaches of banking IT systems, exposing many thousands of customers to uncertainty and disruption.
“At the beginning of the year, I wrote to the regulators urging them to take action to ensure that banks improve the resilience and security of their systems, and their IT expertise.
“Millions of customers remain unnecessarily exposed to the risks of IT failures, including delays in paying bills and an inability to access their own money.
“As for this case, I will be writing to Tesco Bank’s Chief Executive to find out what went wrong, and what actions are being taken to reduce the likelihood of it happening again. Making sure that banks improve their IT systems, and their resilience to cybercrime, is also a responsibility of regulators. We will raise this issue with them again shortly. We can’t carry on like this.”
Tesco Bank confirmed on the 9th of November that a normal service had resumed across all of its services.
The Bank also confirmed that personal data was not compromised as a result of fraud that took place over the weekend of 5-6 November and that online transactions had been suspended to prevent criminal activity.
Tesco Bank CEO, Benny Higgins commented:
“Our first priority throughout this incident has been protecting and looking after our customers and we’d again like to apologise for the worry and inconvenience this issue has caused.
“We’ve now refunded all customer accounts affected by fraud and lifted the suspension of online debit transactions so that customers can use their accounts as normal. We’d also like to reassure our customers that none of their personal data has been compromised.”
Tesco Bank has now confirmed around 9,000 customers were affected by these fraudulent transactions and all customers affected were fully reimbursed by the evening of Tuesday 8 November. The total cost of refunding these customers is estimated to be £2.5 million.
Tesco Bank confirmed it is continuing to work closely with the authorities and regulators in their criminal investigation of this incident.