Online criminal activity affecting 40,000 accounts was identified during the weekend and 20,000 customers had their money stolen with amounts varying from tens to hundreds of pounds. Immediately online transactions were ceased to protect the 130,000+ customers having current accounts, and the institution promised to refund the money lost during this incident. The alarm was triggered by the bank’s automatic fraud detection system which monitors ongoing transactions and detects abnormal situations like multiple transactions involving a single account being carried out in different places over short time intervals.
The financial institution did not offer information about the incident or how it was carried out. The initial suppositions of the media included a breach at one of the third party partner retailers or a hack, none confirmed or infirmed officially.
Later reports from the bank’s officials indicate the fact that the initial investigation identified what happened, but details are not disclosed as other investigations are still ongoing.
Customers who lost money in this incident claim fraudulent transactions were carried out from Rio de Janeiro, Brazil.
Debit card online payments were still disabled on Monday, but customers can withdraw money from ATMs and use the cards in shops using pin payment security.
“We apologize for the worry and inconvenience that this has caused for customers, and can only stress that we are taking every step to protect our customers’ accounts. That is why, as a precautionary measure, we have taken the decision today to temporarily stop online transactions from current accounts. This will only affect current account customers. While online transactions will not be available, current account customers will still be able to use their cards for cash withdrawals, chip and pin payments, and all existing bill payments and direct debits will continue as normal. We are working hard to resume normal service on current accounts as soon as possible.” said Chief Executive Benny Higgins.
“This is just the latest in a long list of failures and breaches of banking IT systems, exposing many thousands of customers to uncertainty and disruption (…) We can’t carry on like this.” said Andrew Tyrie, chairman of the Treasury Committee.
“I’ve not heard of an attack of this nature and scale on a UK bank where it appears that the bank’s central system is the target,” said Prof Alan Woodward, a security consultant who has worked with Europol.
As the situation unfolds, the current context creates an opportunity for malicious attackers to carry out phishing attacks targeted at the bank’s customers. Since Tesco already sent official notifications, people expect to hear more or receive updates. Most would trust phishing messages that appear to be sent by Tesco, leading to an increased click through rate and consequently to better results for the cyber criminals.
Express caution when receiving messages from Tesco and verify the authenticity using the official Twitter account or the official website. Verify the links before clicking and avoid giving personal information over the phone.
Official Twitter account: https://twitter.com/TescoBankNews
Website: http://www.tescobank.com/
Liked this article? Follow us on LinkedIn for more, or subscribe to our newsletter.
Check out the BBC report on the matter here: http://www.bbc.com/news/technology-37896273
This post was last modified on August 21, 2023 7:27 am
In the digital world, information is often stored and transferred through files. From the most…
Introduction Data security is more important than ever in today's fast-paced digital world. One critical…
Introduction: Cyber threats are a growing concern for businesses and individuals alike. With the increasing…
Microsoft Internet Information Services (IIS) is a popular web server that is widely used to…
File tracking is an important aspect of server administration, and it can help administrators detect…
File monitoring solutions are essential tools for administrators to manage and protect their organizations' data…