Tesco Bank Hack: How Did it Happen?

At the beginning of November 2016, fraudsters carried out an “unprecedented” cyber-attack on Tesco Bank, stealing £2.5 million from 1 in 15 of 136,000 customer accounts.

Over £2.5 million was stolen from the accounts of Tesco Bank customers

Whilst the banking arm of the supermarket giant quickly reimbursed customers, we ask how this happened, and what businesses can learn.

Tesco Bank’s immediate response in the wake of the security breach was to suspend online and contactless transactions from customers’ current accounts. Normal service resumed within two days.

In an official statement, Tesco Bank confirmed that around 9,000 customer accounts were affected, but that: “personal data was not compromised as a result of fraud that took place over the weekend of 5-6 November and that online transactions had been suspended to prevent criminal activity”.

The Centre for Economic and Business Research estimates that cybercrime now costs the economy £34 billion a year. The crisis was managed smoothly and quickly, causing minimal reputational damage. Banks must refund fraudulent transactions as long as the account holder has not been negligent. CEO Benny Higgins commented: “Our first priority throughout this incident has been protecting and looking after our customers”.

Andrew Bailey, Chief Executive of the Financial Conduct Authority (FCA), called the attack “unprecedented in the UK”. Previous headline-grabbing cyber-attacks such as those on TalkTalk and Yahoo! have focused on stealing customers’ personal data, including bank details which can be sold on to other criminals and used in identity theft, rather than stealing money outright.

Tesco Bank is working with authorities and regulators to investigate the causes of this ‘systemic and sophisticated’ attack. The results will reveal whether the bank’s online database had a major security failing or whether it was no more vulnerable to fraud than any other bank. Attempted attacks are more common than we might think, but are not usually successful. Hacking skills and tools might be more sophisticated than ever, but so are counter-measures and security systems.
