20,000 Tesco Bank customers lose money

All online payments for Tesco Banks current account customers have been halted as money has been taken from 20,000 accounts.

tesco bank

Benny Higgins, the banks chief executive has said that he is ‘very hopeful’ customers would be refined within 24hours.

“About 40,000 accounts saw suspicious transactions over the weekend, of which half had money taken” he said.

Mr Higgins also mentioned that, “Customers will still be able to use their cards for cash withdrawals, chip and pin payments, and bill payments. The bank is blocking customers from making online payments using their debit card, although transfers between accounts and to other people are still allowed.”

Earlier on the bank had confirmed that some accounts have been subject to online criminal activity, in some cases resulting in money being withdrawn fraudulently. Mr Higgins has also apologised for the worry and inconvenience that many customers have faced.

Many other customers who are unsure if they have or haven’t been affected, have been complaining on Tesco banks website and also through social media, are mentioning about the long delays when they were calling the banks customer service to find out if their account was affected.

Although while Tesco Bank is stressing that relatively small amounts were taken from 20,000 accounts. This is a serious cybersecurity incident. Tesco Bank will say that it has been the victim of “Online Criminal activity” so we are only getting very little information about the nature of the attack.

The difference is that this involves tens of thousands who have fallen victim in a period of 24 hours, which appears to be an automated process, compared to individuals who have been clicking on links in a phishing email or having their details stolen by downloading a malicious software.

Robert Schifreen, editor of a computer safety website, said “Tesco Bank must tell people what happened and how fraudsters obtained customers’ bank details.”

“It could be, for example, that people have been attaching skimming devices, card readers and cameras specifically to Tesco’s cash point machines, so that they’ve been capturing people’s accounts there,” Mr Schifreen added.

A spokesman for National Crime Agency (NCA) has confirmed that it is leading the investigation in to the case, although they have stressed that there is no set formula for dealing with cyberattacks, which tends to vary in terms depending on the sophistication.

“It will be investigated and hopefully that will lead to action and arrests,” he said.

The UK’s data regulator from the Information Commissioner’s Office, has also said that they are looking into the case and will investigate to see if customers’ personal data has not been kept secure.

Tesco Bank has said they will continue to work with the authorities and regulators to address the fraud and will keep our customers informed through regular updates on our website, Twitter, and direct communication.