Tesco Bank facing £30m fine over cyber breach

Tesco Bank facing £30m fine over cyber breach

The UK's banking watchdog is threatening to charge Tesco Bank £30m for its failure to prevent a cyber attacks that affected thousands of customers in 2016.

In giving evidence to a UK Tresury Select Committe hearing, the Financial Conduct Authority (FCA) chief executive Andrew Bailey called the  incident an "unprecedented and serious" cyber attack.

Money was stolen from over 40,000 customer acconts and Tesco's systems were down for two days as a result, leaving customers unable to make any transactions in that time. Furthermore, Bailey censured Tesco Bank for its communication during the outages which he said was "not transparent enough". At the time, affected customers complained of being left on hold for hours at a time. 

Should it be found that there were failings in Tesco's systems and controls that contributed to the seriousness of the breach, the bank could be hit with a fine substantially higher than the cost of refunding affected customers

In 2014, the Financial Conduct Authority fined RBS a total of £56m for a computer system failure that affected 6.5m customers. 

The fine facing Tesco's is unlikely to exceed that figure and should be agreed within a number of weeks according to reports. 


Comments: (1)

Craig Lawrance
Craig Lawrance - Starkspur Ltd - Chalfonts 25 September, 2018, 13:18Be the first to give this comment the thumbs up 0 likes

£30m? That's spare change for Tesco.  Had it occurred post-GDPR it may have been a few quid more.