Skip to main content

A British bank pays out $3.1M to customers after ‘sophisticated’ hack

uk bank hack tesco
Tesco Bank
The U.K.’s Tesco Bank was hit by what it described as a “systematic, sophisticated” hack over the weekend that saw large amounts of money swiped from customers’ accounts.

It was initially thought that some 20,000 accounts had been targeted. However, on Tuesday, the bank confirmed that 9,000 customers had money taken from them in the online heist, and that the bank had made refunds to all those affected to the tune of 2.5 million British pounds (about $3.1 million U.S.), according to the BBC.

The bank added that no personal data was compromised in the attack.

After the hack was discovered on Sunday, when thousands of shocked customers reported fraudulent activity on their accounts, officials at the bank made the decision to temporarily stop online transactions. Customers with money still in their accounts were still able to use their cards for ATM cash withdrawals, store payments, and all existing bill and direct debit payments.

All of Tesco Bank’s services are now operational again, while an investigation is underway to discover how the attack took place and who was behind it.

While banks are often the target of online fraud through methods such as phishing scams, having money stolen directly from accounts in this manner has clearly taken many by surprise. The U.K.’s Financial Conduct Authority (FCA) regulatory body went so far as to describe the fraud as “unprecedented.”

FCA chief Andrew Bailey told a committee of lawmakers this week that he had concerns regarding weaknesses in banks’ complex IT systems.

He said that elaborate systems meant there were potentially more points of entry for cybercriminals to exploit, adding, “The heart of concern is what is the root cause of this [Tesco attack] and what it tells us about the broader threats.”

Tesco is a household name in the U.K. thanks to its prominence in the supermarket industry. While its first grocery store opened almost 100 years ago, it only launched its first bank in 1997, in a joint venture with the Royal Bank of Scotland.

This week’s hack is a major embarrassment for the bank, and the pressure is on for it  to reassure customers that its IT systems are secure enough to prevent a similar kind of incident in the future.

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Home Depot agrees to pay customers $20M to settle that massive 2014 hack
home depot security breach settlement

Home Depot's security breach 18 months ago was hugely embarrassing for the company, and only now is it coming near to finally bringing the matter to a close.

The retail giant said Tuesday it's agreed to pay a minimum of $19.5 million in compensation to customers caught up in the incident that saw cybercriminals nab payment card information and email addresses belonging to tens of millions of Home Depot shoppers.

Read more
U.K. cops arrest teen in high-profile hacking case

Just days after one of the U.K.'s leading mobile and broadband providers revealed it'd been the victim of what it described as a "significant and sustained" hack on its computer systems, London's Metropolitan Police said Monday it'd made an arrest in connection with the incident.

TalkTalk, which said the hack may have affected all four million of its customers, announced in a release it was aware of the arrest and was continuing to help with the investigation.

Read more
UK mobile carrier TalkTalk hit by hackers, 4M customers may be affected
great news for job seekers in 2016 especially if youre tech programmer

Four million customers of one of the U.K.'s leading mobile and broadband providers woke up Friday to learn that their personal data may now be in the hands of cybercriminals.

Revealing details of the breach late Thursday, the company said it took its website offline the previous day after spotting early indications of a cyberattack. A subsequent investigation pointed to a "significant and sustained attack" on the site, leading to a TalkTalk announcement admitting hackers may have stolen customer data that includes names, addresses, dates of birth, bank and credit card details, phone numbers, and email addresses.

Read more