Tesco Bank Security Breached; Money Pilfered from 20,000 Accounts
U.K.-based Tesco Bank was the victim of a security breach over the weekend that exposed thousands of customer accounts, half of which had money removed. The bank’s fraud security systems detected “suspicious activity” Nov. 5, affecting approximately 40,000 accounts, and 20,000 of those accounts had money stolen from them, a Tesco Bank spokesperson tells Paybefore. The amount of money stolen has not been determined, according to the spokesperson and the bank would not define the nature of the “suspicious activity.”
The bank announced Nov. 7 that it’s temporarily suspending online transactions as a precautionary measure. “While online transactions will not be available, current account customers will still be able to use their cards for cash withdrawals, chip-and-pin payments, and all existing bill payments and direct debits will continue as normal,” according to a statement by Tesco Bank CEO Benny Higgins, posted on the bank’s Website. Higgins added that the bank continues to work with authorities and regulators, and that any customers who had money stolen are being be reimbursed by the bank. Tesco Bank, which has 136,000 customers, formed in 1997 as a joint venture between Royal Bank of Scotland and retail chain Tesco.
“This looks like the most serious, and certainly the most visible, of the various difficulties suffered by the U.K. banking sector in recent times,” said Peter Roe, research director at IT analyst company TechMarketView, according to the Belfast Telegraph. “The number of accounts affected suggests that this is a systemic failure of security around Tesco’s core database. As many banks breathe a sigh of relief that it is not their names in today’s headlines, they must surely recognize the scale of the problem. The sector needs to re-double its efforts in cyber-security. No-one is safe.”