Tesco Bank suspends ‘all transactions’ as 20,000 customers lose money after hack attack | The Independent


Big banking hack attack in UK.


  1. Tomi Engdahl says:

    Tesco Bank ‘Hack’ Still a Mystery

    Little is currently known about how money was stolen from thousands of Tesco Bank current account (checking account) holders last weekend. It is clear now, however, that approximately 9,000 customers rather than the initial estimate of 20,000 were affected.

    “We’ve now refunded all customer accounts affected by fraud and lifted the suspension of online debit transactions so that customers can use their accounts as normal,” said chief executive Benny Higgins. This seems to imply that the incident is over.

    Needless to say, the usual claims have been made in the British media. The Daily Telegraph ran a story headlined: Spy agency GCHQ investigates Tesco Bank cyber theft amid fears it was ‘state sponsored’. Both of these suggestions are unlikely.

    If the bank had been breached in the usual ‘hack and steal’ manner, it would normally take weeks if not months of forensic examination to ensure that there are no intruders on the network, and no hidden malware left behind.

    There is, however, a strange comment in the bank’s FAQ for worried customers:

    Q. Should I change all of my online banking and personal details that you hold?

    A. Tesco Bank has not been subject to a security compromise and it is not necessary for customers to change their login or password details. To stay safe online we do recommend that customers regularly change their passwords.

    Note also that a BBC report commented, “Tesco has yet to use the word ‘hacking’ to describe the breach.” Putting all of these together (Tesco bank knows what happened, it is over, and its systems were not compromised), there seems to be a strong implication that this was not a standard criminal hack.

    Spy agency GCHQ investigates Tesco Bank cyber theft amid fears it was ‘state sponsored’

  2. Tomi Engdahl says:

    Tesco Bank blames ‘systematic sophisticated attack’ for account losses

    Tesco Bank’s chief executive has blamed “a systematic, sophisticated attack” for the money taken from 20,000 of its customer accounts.

    Benny Higgins said the bank knew “exactly” what the attack was, but could not say more because it was part of a criminal investigation.

    He said all affected customers would be refunded by the end of Tuesday.

    About 40,000 accounts saw suspicious transactions over the weekend, of which half had money taken.

    The bank is still blocking current account customers from making online payments using their debit card, a temporary measure it put in place on Sunday.

    One cybersecurity expert said this could be an unprecedented breach at a British bank.

    “I’ve not heard of an attack of this nature and scale on a UK bank where it appears that the bank’s central system is the target,” said Prof Alan Woodward, a security consultant who has worked with Europol.

    Over the weekend, customers complained about money being withdrawn without permission, cards being blocked and long delays to get through to the bank on the phone.

    Tesco has yet to use the word “hacking” to describe the breach.

    The bank has more than seven million customer accounts and 4,000 staff, based in Edinburgh, Glasgow and Newcastle.

    “I was just about to go to bed when I received a text message from Tesco saying there had been fraud on my account. So of course you panic.”

    Other customers complained on Tesco Bank’s website and through social media about long delays when calling the company’s customer service line to find out if their account was affected.

    Analysis: Rory Cellan-Jones, BBC technology correspondent

    Make no mistake, while Tesco Bank is stressing that relatively small amounts were taken from 20,000 accounts, this is a very serious security incident.

    All Tesco Bank will say is that it has been the victim of “online criminal activity” so we have little detail on the nature of the attack.

    But what is different is that it involves tens of thousands falling victim in a 24 hour period to what appears to be an automated process, rather than individuals clicking on links in phishing emails or having their details stolen after downloading malicious software.

  3. Tomi Engdahl says:

    Dark web hackers boast of Tesco Bank thefts

    Hackers boasted of thefts from Tesco Bank months before the company reported losing £2.5m in an attack.

    Cybersecurity company Cyberint said it had discovered posts on a variety of dark web forums whose members had described the lender as being a “cash milking cow” and “easy to cash out”.

    It is not clear, however, whether there is any link between these claims and the money stolen just over a week ago.

    The bank has repeatedly declined to give details of the crime.

    It says it is unable to do so while a criminal investigation is being carried out.

    Elsewhere, the Sunday Times suggested that the raid had involved the use of contactless payments triggered by smartphones.

    And a second cybersecurity company said it had warned Tesco of problems with several of its mobile apps four months ago, but had been ignored.

    The Financial Times was first to report that Cyberint had carried out its own probe of hidden web pages following the thefts over the weekend of 5-6 November.

    The Israeli company said it had found discussions about a tool that “brute forced” access to Tesco’s accounts by testing thousands of login and password combinations until one was found to work.

    It said the bank had repeatedly taken steps to prevent such attacks, but the hackers had apparently bypassed the measures.

  4. Tomi Engdahl says:

    Tesco hackers used mobiles to launder haul
    Raiders used contactless accounts to spend stolen £2.5m in US and Brazil

    The criminals behind the Tesco Bank cyber-heist went on a spending spree in shops in the US and Brazil to launder their ill-gotten gains, The Sunday Times can reveal.

    The thieves used data stolen from the British lender to set up contactless payment accounts on smartphones, sources said.

    In a co-ordinated raid last weekend, they bought thousands of low-priced goods from stores, swiping their mobile phones at the tills. Many of the fraudulent transactions are understood to have been made in American electricals retailer Best Buy.

    The gang took £2.5m from 9,000 Tesco Bank customers

  5. Tomi Engdahl says:

    Tesco Bank says attack cost it £2.5m and hit 9,000 people

    Tesco Bank says it has refunded £2.5m to 9,000 customers who had money taken in an attack on their accounts.

    The number given for the current account customers hit by the fraud is fewer than half of the 20,000 initially reported to have been affected.

    Personal data “was not compromised” in the attack, and all accounts affected had been refunded, the bank said.

    Tesco Bank has said it was hit by “a systematic, sophisticated attack” at the weekend.

    Andrew Bailey, chief executive of the Financial Conduct Authority (FCA), earlier told MPs he was worried about weaknesses in banks’ complex IT systems.

    The more complex banks’ IT systems were, the more potential “points of entry” were available for criminals, he suggested.

    “The heart of concern is what is the root cause of this [Tesco attack] and what it tells us about the broader threats,” Mr Bailey said.

  6. Tomi Engdahl says:

    Tesco Bank attack was unprecedented, says regulator


Leave a Comment

Your email address will not be published. Required fields are marked *