Tesco Bank Hacked — Cyber Fraudsters Stole Money From 20,000 Accounts

Almost 20,000 Tesco Bank customers have had their money stolen from their accounts after the banking arm of UK’s biggest retailer fall victim to a hacking attack this weekend.

As a result of the hack, Tesco Bank has frozen online transactions in an attempt to protect its customers from, what it described as, the “online criminal activity.”

However, customers can still use their debit and credit cards for cash withdrawals and card-based payments.

Tesco Bank has not disclosed any details of the cyber attack or how accounts had been compromised, but Benny Higgins, chief executive of Tesco, confirmed that the hack affected 40,000 of its 136,000 accounts, half of which had already been used to withdraw money fraudulently over the weekend.

The bank would not disclose the total amount stolen from the accounts, but confirmed that the amount stolen was a “big number but not a huge number.”

If you have been affected by this incident, don’t worry!

Higgins has apologized for the “inconvenience” and announced that customers are not at financial risk, as any financial loss that results from this fraudulent activity will be borne by the bank.

“We are working hard to resume normal service on current accounts as soon as possible,” Higgins said.
“We can reassure customers that any financial loss as a result of this activity will be resolved fully by Tesco Bank, and we are working to refund accounts that have been subject to fraud as soon as possible.”

Tesco Bank, started in 1997 and has been owned by Tesco PLC since 2008, has over 7.8 million customers and 4,000 staff, based in Edinburgh, Glasgow, and Newcastle.
The bank said it detected suspicious activity within its customers’ accounts on its system “late on Saturday night and in the early hours of Sunday morning.”

One user tweeted that his available balance had dropped by £700 without him making any transaction. Another claimed that the disruption in the service had left her unable to feed her “kids in school tomorrow.”

Other users complained about a lack of communication from Tesco Bank and hours spent on hold.

“We have been hacked, all money gone, no email or text! Appalling response from Tesco so far #nobodyanswering,” a user tweeted.
UPDATE — Tesco Bank Pays Out £2.5 Million to 9000 Victims

The bank is working with federal authorities and regulators in an effort to address the security breach. It will keep its customers informed through regular updates on its website, Twitter, and direct communication.

Tesco Bank customers are unable to perform online transactions until the bank is “fully on top of the issue.”
Tesco Bank has confirmed that a total of £2.5 Million was stolen from its 9,000 customers in a massive cyber-attack spotted last weekend, and has finished refunded all customers who were victims of fraudulent online activity.

The attack forced the bank to freeze online transactions for all of its 136,000 current account holders in an attempt to protect its customers from the “online criminal activity,” but all account services have now returned to normal.

Tesco Bank reassured its customers that their personal data was not compromised as a result of the cyber attack, but did not provide any details about how the cyber attack occurred.

However, it confirmed the National Crime Agency (NCA), the Information Commissioner’s Office (ICO) and the National Cyber Security Centre (NCSC) are all working closely with the bank to investigate this incident.

__Culled from THN (The Hacker News)