Tesco Bank’s Cyber Attack Investigated by UK’s National Crime Agency

By | November 8, 2016

Britain’s National Crime Agency (NCA) is leading a criminal inquiry into the theft of money from thousands of Tesco Bank accounts that the UK financial watchdog said was unprecedented.

New cyber crime agency National Cyber Security Centre (NCSC), a government body, announced in November last year and tasked with handling cyber incidents in Britain, said it is working with the NCA and Tesco to understand the nature of the attack.

“Given the investigation thus far and the evidence at hand, the National Cyber Security Centre is unaware of any wider threat to the UK banking sector connected with this incident,” the NCSC said in the statement on its website on Monday.

Tesco Bank, owned by Tesco Plc, on Monday halted online transactions from all current accounts and said it would repay people who had lost money in an attack that targeted some 40,000 accounts, nearly a third of its 136,000 accounts.

Tesco shares were trading up 0.3 percent by 1511 GMT.

Britain’s chief regulator sought to reassure the public on Tuesday that financial authorities were working to understand the nature of the attack, following criticism of the banking industry by British lawmaker Andrew Tyrie.

Tyrie, chair of parliament’s powerful finance committee, criticized both banks and regulators on Monday as doing too little to improve cyber security, saying he would take up the issue with Tesco Bank.

“This looks unprecedented in the UK,” Andrew Bailey, chief executive of the Financial Conduct Authority, told a parliamentary hearing on Tuesday.

Bailey said customers should be compensated by the end the day and that it would be difficult to restore full online service at Tesco bank until the cause of the breach is fully understood.

“The heart of the concern is what is the root cause of this and what does it tell us about broader threats,” Bailey said.

Reported attacks on financial institutions in Britain have risen from just five in 2014 to more than 75 so far this year, according to FCA data, but bank executives and providers of security systems say many attacks go unreported.

(Reporting by Lawrence White, additional reporting by Andrew MacAskill and Tom Bergin; editing by Mark Potter)

Related:

Was this article valuable?

Here are more articles you may enjoy.