Tesco Bank hack: £2.5m refunded to 9000 breach-hit customers – Inquirer

Tesco Bank hack: £2.5m refunded to 9000 breach-hit customers – Inquirer


TESCO BANK has revealed that the “sophisticated” attack on its online accounts at the weekend resulted in the loss of £2.5m and affected 9,000 customers.

Tesco said originally that 20,000 customers were affected by the “unprecedented” breach, but has since revealed that 9,000 accounts were compromised, less than half of the initial figure.

Some of those hit by the attack reported that as much as £2,000 was siphoned from their accounts over the weekend.

Tesco Bank said on Tuesday that it has refunded £2.5m to those affected, but has advised that personal data was not compromised in the attack. 

Tesco Bank CEO Benny Higgins confirmed this to the BBC, saying: “We’ve now refunded all customer accounts affected by fraud and lifted the suspension of online debit transactions so that customers can use their accounts as normal.

“We’d also like to reassure our customers that none of their personal data has been compromised. We’d again like to apologise for the worry and inconvenience this issue has caused.”

The UK’s National Crime Agency is leading a criminal investigation into the breach, according to a statement released on Tuesday by the newly formed National Cyber Security Centre (NCSC).

“Given the investigation thus far and the evidence at hand, the NCSC is unaware of any wider threat to the UK banking sector connected with this incident,” it said.

The Information Commissioner’s Office (ICO) also confirmed that it is casting its eye over the breach: “The law requires organisations to have appropriate measures in place to keep people’s personal data secure. Where there’s a suggestion that hasn’t happened, the ICO can investigate and enforce if necessary.”

A data protection lawyer, who asked not to be named, told the INQUIRER that Tesco, the supermarket chain that owns Tesco Bank, would face a fine of over £1.9bn for this weekend’s hack if it occurred under the EU’s forthcoming General Data Protection Regulations. µ



via breach – Google News http://news.google.com/news?hl=en&gl=us&pz=1&ned=us&q=breach

November 9, 2016 at 11:45AM