FCA penalizes Tesco Bank GBP 16.4 mln over 2016 cyber-attack

Tuesday 2 October 2018 10:19 CET | News

Tesco’s banking division has to pay a GBP 16.4 million fine over a 2016 cyberattack that led to customer losses of GBP 2.5 million, according to FCA’s ruling.

The 2016 incident, the first mass breach of accounts at a western bank, forced Tesco’s financial arm to temporarily shut down online services and reimburse customers GBP 2.5 million that was stolen.

At the end of September 2018, the Financial Conduct Authority (FCA) had been considering a record fine of up to GBP 30 million. In its ruling, the Financial Conduct Authority said that Tesco Bank had made a “series of errors” that included a 21 hour delay that allowed the hackers to carry out multiple fraudulent transactions, according to online publication

In November 2016 Tesco Bank had been forced to suspend all online transactions after it found that criminals were accessing customers’ accounts. The bank revised an initial estimate that 40,000 customers had been affected down to 20,000 and subsequently to 9,000.

Although Tesco Bank’s controls stopped almost 80 percent of the unauthorised transactions, the Cyber Attack affected 8,261 out of 131,000 Tesco Bank personal current accounts, said the FCA.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Tesco Bank, FCA, fine, data breach, cyber attack, UK, fraudulent transfers, bank accounts
Countries: World

Industry Events