iTnews

Tesco Bank fined $29.5m over 2016 cyber attack

By Staff Writer, SC Magazine on Oct 2, 2018 12:21PM
Tesco Bank fined $29.5m over 2016 cyber attack

Did not heed warning until after attack began.

Tesco Bank has been fined £16.4 million ($29.5 million) after it failed to address the threat of a cyber attack until the incident was already underway.

The fine was meted out by the UK’s Financial Conduct Authority (FCA) “for failing to exercise due skill, care and diligence in protecting its personal current account holders against a cyber attack”.

The cyber attack took place in November 2016 and saw $4m taken from accounts over 48 hours.

It forced the bank to shut itself down for several days to prevent further losses.

The FCA said in a statement that attackers had “exploited deficiencies in Tesco Bank’s design of its debit card, its financial crime controls and in its financial crime operations team to carry out the attack.”

“The fine the FCA imposed on Tesco Bank today reflects the fact that the FCA has no tolerance for banks that fail to protect customers from foreseeable risks,” executive director of enforcement and oversight Mark Steward said.

“In this case, the attack was the subject of a very specific warning that Tesco Bank did not properly address until after the attack started.

“This was too little, too late. Customers should not have been exposed to the risk at all.”

The FCA said Tesco Bank had since addressed deficiencies in its security posture and practices.

The bank had also “provided a high level of cooperation to the FCA” which, together with compensation paid out to customers, landed it a substantial discount on the fine.

The FCA said it had been shaping to fine Tesco Bank £33,562,400 ($60.5 million) otherwise.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
attack cyber fine security tesco bank warning

Partner Content

Shut the door on ransomware
Partner Content Shut the door on ransomware
MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
Partner Content MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
MSI launches innovative new laptops
Partner Content MSI launches innovative new laptops
Improving returns from SD-WAN spending
Sponsored Content Improving returns from SD-WAN spending

Sponsored Whitepapers

The risky business of open source
The risky business of open source
Ensure your e-signatures are legally binding
Ensure your e-signatures are legally binding
Mitigating open source risk in your organisation
Mitigating open source risk in your organisation
How to choose a WAF that's right for you
How to choose a WAF that's right for you
The global telco 5G cloud gaming opportunity
The global telco 5G cloud gaming opportunity

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • Beat the DDoS blackmailers in 2021
By Staff Writer, SC Magazine
Oct 2 2018
12:21PM
0 Comments

Related Articles

  • EU drugs regulator says some data from cyber attack leaked online
  • ANU uses new security capabilities to help other Unis fend off attacks
  • UAE target of cyber attacks after Israel deal
  • Britain says Russia on cyber offensive to sabotage Tokyo Olympics
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Telstra blasts plan to 'set aside' mobile spectrum for Optus and TPG, but not it

Telstra blasts plan to 'set aside' mobile spectrum for Optus and TPG, but not it

Google unravels state-of-art Android and Windows exploit chains

Google unravels state-of-art Android and Windows exploit chains

Tyro halts trading following week-long outage

Tyro halts trading following week-long outage

Woolworths to build a platform to host subscription-based services

Woolworths to build a platform to host subscription-based services

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.