The 2016 incident, the first mass breach of accounts at a western bank, forced Tesco’s financial arm to temporarily shut down online services and reimburse customers GBP 2.5 million that was stolen.
At the end of September 2018, the Financial Conduct Authority (FCA) had been considering a record fine of up to GBP 30 million. In its ruling, the Financial Conduct Authority said that Tesco Bank had made a “series of errors” that included a 21 hour delay that allowed the hackers to carry out multiple fraudulent transactions, according to online publication Silicon.co.uk.
In November 2016 Tesco Bank had been forced to suspend all online transactions after it found that criminals were accessing customers’ accounts. The bank revised an initial estimate that 40,000 customers had been affected down to 20,000 and subsequently to 9,000.
Although Tesco Bank’s controls stopped almost 80 percent of the unauthorised transactions, the Cyber Attack affected 8,261 out of 131,000 Tesco Bank personal current accounts, said the FCA.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now