This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at https://www.theguardian.com/business/2018/oct/01/tesco-bank-fined-cyber-attack-fca
The article has changed 2 times. There is an RSS feed of changes available.
Previous version
1
Next version
| Version 0 | Version 1 |
|---|---|
| Tesco Bank fined £16.4m by watchdog over cyber-attack | Tesco Bank fined £16.4m by watchdog over cyber-attack |
| (4 months later) | |
| Tesco Bank has agreed to pay £16.4m as part of a settlement with the Financial Conduct Authority following a cyber-attack in 2016. | Tesco Bank has agreed to pay £16.4m as part of a settlement with the Financial Conduct Authority following a cyber-attack in 2016. |
| Tesco said the attack did not involve the theft or loss of any customers’ data, but led to 34 transactions in which funds were debited from accounts, and other customers having normal service disrupted. | Tesco said the attack did not involve the theft or loss of any customers’ data, but led to 34 transactions in which funds were debited from accounts, and other customers having normal service disrupted. |
| The FCA said the fraud netted cyber-attackers £2.26m, exploiting “deficiencies” in Tesco Bank’s design of its debit card, its financial crime controls and in its financial crime operations team. | The FCA said the fraud netted cyber-attackers £2.26m, exploiting “deficiencies” in Tesco Bank’s design of its debit card, its financial crime controls and in its financial crime operations team. |
| But it added that, following the attack, Tesco Bank immediately put in place a “comprehensive redress” programme and devoted significant resources to improving the deficiencies that left the bank vulnerable to the attack. | But it added that, following the attack, Tesco Bank immediately put in place a “comprehensive redress” programme and devoted significant resources to improving the deficiencies that left the bank vulnerable to the attack. |
| Had Tesco Bank not provided a high level of cooperation to the FCA and agreed to an early settlement, the watchdog would have fined the lender £33.56m. | Had Tesco Bank not provided a high level of cooperation to the FCA and agreed to an early settlement, the watchdog would have fined the lender £33.56m. |
| The Tesco Bank chief executive, Gerry Mallon, said: “We are very sorry for the impact that this fraud attack had on our customers. Our priority is always the safety and security of our customers’ accounts and we fully accept the FCA’s notice. | The Tesco Bank chief executive, Gerry Mallon, said: “We are very sorry for the impact that this fraud attack had on our customers. Our priority is always the safety and security of our customers’ accounts and we fully accept the FCA’s notice. |
| “We have significantly enhanced our security measures to ensure that our customers’ accounts have the highest levels of protection. I apologise to our customers for the inconvenience caused in 2016.” | “We have significantly enhanced our security measures to ensure that our customers’ accounts have the highest levels of protection. I apologise to our customers for the inconvenience caused in 2016.” |
| Mark Steward, the executive director of enforcement and market oversight at the FCA, said: “The fine the FCA imposed on Tesco Bank today reflects the fact that the FCA has no tolerance for banks that fail to protect customers from foreseeable risks. | Mark Steward, the executive director of enforcement and market oversight at the FCA, said: “The fine the FCA imposed on Tesco Bank today reflects the fact that the FCA has no tolerance for banks that fail to protect customers from foreseeable risks. |
| “In this case, the attack was the subject of a very specific warning that Tesco Bank did not properly address until after the attack started. This was too little, too late. Customers should not have been exposed to the risk at all. | “In this case, the attack was the subject of a very specific warning that Tesco Bank did not properly address until after the attack started. This was too little, too late. Customers should not have been exposed to the risk at all. |
| “Banks must ensure that their financial crime systems and the individuals who design and operate them work to substantially reduce the risk of such attacks occurring in the first place. | “Banks must ensure that their financial crime systems and the individuals who design and operate them work to substantially reduce the risk of such attacks occurring in the first place. |
| “The standard is one of resilience, reducing the risk of a successful cyber-attack occurring in the first place, not only reacting to an attack.” | “The standard is one of resilience, reducing the risk of a successful cyber-attack occurring in the first place, not only reacting to an attack.” |
| Banking | Banking |
| Tesco | Tesco |
| Banks and building societies | Banks and building societies |
| Cybercrime | Cybercrime |
| news | news |
| Share on Facebook | Share on Facebook |
| Share on Twitter | Share on Twitter |
| Share via Email | Share via Email |
| Share on LinkedIn | Share on LinkedIn |
| Share on Pinterest | Share on Pinterest |
| Share on WhatsApp | Share on WhatsApp |
| Share on Messenger | Share on Messenger |
| Reuse this content | Reuse this content |
Previous version
1
Next version