lolloj - Fotolia

Tesco Bank halts online banking after weekend hacker fraud

Tesco Bank halts online banking after thousands of current account customers were hit by fraudulent transactions by hackers at the weekend

Tesco Bank has temporarily suspended online banking operations for current account customers after thousands were affected by hacker fraud at the weekend.

The bank has confirmed that some customers’ current accounts were “subject to online criminal activity” over the weekend, resulting in money being withdrawn fraudulently in “some cases”.

Customers took to social media at the weekend to complain about money disappearing from their Tesco Bank current accounts.

The bank has so far given no details of how the fraud was committed. Typically, cyber fraud is carried out by using various methods of stealing customer credentials or copying bank card details to make duplicate cards, which enable cyber criminals to access online bank accounts to carry out fraudulent transactions.

The cyber criminals involved in the attack on Tesco Bank may have found a way to create duplicate cards, reports the Mail Online, because of claims that in some cases card withdrawals have been made in Brazil.

“The clever part of the theft from Tesco Bank accounts over the weekend was not the ‘hack’ but doing it over the weekend when banks are typically understaffed, and will respond more slowly,” said Cliff Moyce, global head of financial services at technology consulting firm DataArt.

“Look at how long it took them to answer customer service numbers. Automated fraud detection systems appear to have worked well, but a lack of people at desks will not have helped,” he said.

Moyce also believes the chances of the crime being a remote technical hack via a network intrusion is much less than 50%. “Far more likely is the action or failure of a human actor, or weak process or management controls when information is shared between providers,” he said.

“Tesco will need to investigate the possibility of an ‘economic hack’ in which an offshore employee is offered multiples of their annual salary in return for a tranche of customer data. But a weak security control, rather than ill intent from an employee or sub-contractor, remains the more likely factor.”

Suspicious activity found in 40,000 accounts

The bank, which was formed as joint venture with The Royal Bank of Scotland in 1997 and became wholly owned by Tesco in 2008, did not confirm how many customer accounts were affected or how much money has gone missing.

However, the bank – which has 7.8 million customers – said suspicious transactions had been observed in 40,000 accounts, while 20,000 had resulted in financial losses, according to the Mail Online.

“We apologise for the worry and inconvenience that this has caused for customers, and can only stress that we are taking every step to protect our customers’ accounts,” said Tesco Bank chief executive Benny Higgins in a message to customers.

While online transactions will not be available, current account customers will still be able to use their cards for cash withdrawals, chip and pin payments, and all existing bill payments and direct debits will continue as normal.

“We continue to work with the authorities and regulators to address the fraud and will keep our customers informed through regular updates on our website, twitter and direct communication,” said Higgins.

“We can reassure customers that any financial loss as a result of this activity will be resolved fully by Tesco Bank, and we are working to refund accounts that have been subject to fraud as soon as possible,” he said.

The Financial Conduct Authority (FCA) requires banks to refund unauthorised payments and any charges or interest added to an account as the result of fraudulent payments.

Growth of online attacks

This is not the first time that Tesco Bank has been targeted by hackers. In 2014, details of 2,239 Tesco Bank accounts were accessed by hackers and posted online, and in 2015, customers were targeted by a phishing email attack designed to steal account log-in details.

The banking sector is one of the most highly targeted by cyber criminals. In October 2016, the US government called on financial institutions to share more cyber attack information amid growing concern about the sector’s vulnerability.

US bank regulators have also recently outlined new cyber security standards to protect financial markets and consumers from online attacks.  

Cyber security issues have become a priority for regulators as the likes of the New York Federal Reserve have been caught in high-profile cyber attacks.

In the UK, consumer group Which? has slammed the country’s high street banks for failing to adequately protect customers from online scams.

According to the consumer group, only five of 11 high streets banks have adopted two-factor authentication methods to protect customers.

Which? identified Halifax, Lloyds Bank, Santander and TSB as being among the worst offenders, saying that from 2014 to 2015, losses rose by 64% for online banking to reach £133.5m and increased by 28% to £323.3m for phone banking.

The banks “consistently scored poorly” in their security measures over the four years they had been monitored and had failed to invest in the proper security systems that would keep their customers safe from fraudsters, the report said.

Read more about online banking and cyber security

Read more on Hackers and cybercrime prevention