In a major breach, UK based Tesco bank has announced that it was at the receiving end of an attack. Apparently, an attempt was made to withdraw money and perform other unauthorized and other illegal actions. While as many as 40,000 accounts played host to suspicious activities, around half or nearly 20,000 users ended up losing money from their accounts.
The attack has led to some significant financial losses for the company as well. While no data on the total amount of money lost is available, many accounts ended up hundreds of pounds poorer. As a precautionary and preventive measure, Tesco Bank has frozen all online payment facilities for current accounts temporarily. The bank is employed in making its systems secure again. It has also promised full refunds to all of its affected users as soon as possible as well.
Meanwhile, other bank services such as ATM card and pin will still work. Scheduled payments will work properly as well, however, online payment facilities for current accounts has been temporarily put on hold. The investigation is likely to involve various government agencies as well.
Tesco had been aware of something of the sort since earlier, and had released an sttatement where it said that some of its accounts have been subject to online criminal activity. While 20,000 may be some with respect to the 7 million or so accounts hosted by Tesco, the bank is certain to take a fall to its reputation. Although, in all fairness, the bank is doing all it can to recover the breach and has even said that it will refund all financial losses that have been incurred as soon as possible.
As per Tesco bank’s Chief Executive Benny Higgins,
Any financial loss that results from this fraudulent activity will be borne by the bank. Customers are not at financial risk.
And indeed, UK rules require that Tesco pay. As per the guidelines in case of fraud, unless banks can come up with evidence that the customer was at fault or that the fraudulent transaction was more than 13 months ago,banks must pay the damages.
Speaking on the topic to The TechPortal, Hannah Maundrell, Editor-in-chief at Money.co.uk said,
Anyone with a Tesco Bank current account should log in to their online banking ASAP to check money isn’t missing. If there are transactions you don’t recognize, contact Tesco Bank and get them to investigate. They have to make sure you don’t lose out financially and should refund any money taken by the hackers immediately along with any charges you’ve been hit with because of it.
She also added that,
You can’t make online payments right now but direct debits should still go out as usual and you’ll still be able to use your debit card to get cash and make payments.
Meanwhile, regardless of how soon Tesco manages to refund its customers — the bank’s reputation has certainly suffered. This is no minor accident involving an oversight on a customer’s part that can be easily shrugged off. The attack was undoubtedly major and according to several experts, may have involved inside assistance as well.