Menu
UK bank suspends online payments after fraud hits 20,000 accounts

UK bank suspends online payments after fraud hits 20,000 accounts

Almost one in three of Tesco Bank's checking accounts saw suspicious transactions

The banking arm of U.K. supermarket chain Tesco has suspended online payments for its 136,000 checking account customers following a spate of fraudulent transactions.

The bank suspended its payment service for all checking account customers after 40,000 experienced suspicious transactions, bank CEO Benny Higgins told BBC Radio 4 on Monday.

"Around half of them had money taken from the account," he said.

The bank will bear any losses as a result of the fraudulent activity and customers are not at financial risk, he said.

But they might be inconvenienced until the bank has secured its systems.

"We are stopping online transactions until we can bring things back under full control," Higgins said.

Customers will still be able to use the online banking service and make card payments in stores, he said.

The bank began sending text messages to customers on Sunday, alerting them to the problem and inviting them to call for further information. However, the bank's call center was quickly overwhelmed, to judge by reaction to the bank's blog posting about the incident. Many commenters reported that their calls had gone unanswered.

The U.K.'s National Crime Agency, which hosts the country's national cybercrime unit, said it is coordinating law enforcement response to what it described as "the Tesco Bank data breach."

The Information Commissioner's Office, the U.K.'s data protection authority, is aware of the incident and is looking into the details, a representative said.

The cause of the incident is unclear.

Tesco Bank referred to "online criminal activity" and "fraud" in a statement about the incident, but did not use the word "hack" in relation to the missing funds.

The bank uses the 3D Secure standard, also known as Verified by Visa or MasterCard SecureCode, to authenticate online payments. This requires customers to provide a password other than their four-digit PIN or the three-digit CVV printed on the reverse of their cards in order to complete online payments.

The losses could be due to a compromise of Tesco Bank's online banking system, or a malware infection on bank clients' PCs or mobile devices, spread through targeted spear-phishing attacks or a social engineering campaign, suggested Ilia Kolochenko, CEO of web security company, High-Tech Bridge.

"A massive skimming campaign cannot be excluded either," he said via email, referring to the possibility that criminals had obtained customers' bank card details and PINs when they used a rogue ATM or payment terminal.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments