Tesco Bank today stated 20,000 people had up to £2,000 taken from their accounts in a cyber attack that may not be finished yet. Tesco has halted onli
Tesco Bank today stated 20,000 people had up to £2,000 taken from their accounts in a cyber attack that may not be finished yet. Tesco has halted online payments for current account customers.
The bank’s chief executive Benny Higgins stated he was “very hopeful” customers would be refunded within 24 hours. But he has refused to say how much in total which has been taken and admitted that the thousands who have had money stolen may not get it back today.
Customers affected by the block will still be able to withdraw cash and use other services. “While online transactions will not be available, current account customers will still be able to use their cards for cash withdrawals, chip and pin payments, and all existing bill payments and direct debits will continue as normal. We are working hard to resume normal service on current accounts as soon as possible,” he said.
The National Crime Agency – Britain’s FBI – are now investigating the thefts.
There are claims that the hackers may have found a way to create cards for Tesco Bank accounts to withdraw or spend money. One customer stated how he had never been given a debit card because he has an online savings account, yet someone tried using a card linked to his account to pay for goods at 9am yesterday.
Tesco sent text alerts to account holders late on Saturday when there was suspicious activity detected on a various number of accounts. Customers were reporting that there was up to £600 that was missing from accounts.
Customers have also hit out at Tesco for not making any contact with them more than 36 hours after the hacking started to explain the situation. Tesco has refused to say how many customers have actually been affected, saying only that a ‘small proportion’ of it’s accounts were actually involved.
The attack will raise more concerns about internet security, with experts warning that online banking was becoming an increasingly attractive target. The bank’s customers, many of whom were left without any money after their payment cards were blocked, questioned how their bank’s high-security systems had been attacked.
A spokesperson for the Information Commissioner’s Office said: “We’re aware of this incident and are looking into the details. The law requires organisations to have appropriate measures in place to keep people’s personal data secure. Where there’s a suggestion that hasn’t happened, the ICO can investigate, and enforce if necessary.”