Tesco Bank attack: PAV i.t.'s experts examine the hack on finance giant

With an estimated cost of £2.5 million paid out to customers who had money fraudulently withdrawn from their accounts, Tesco Bank is now reeling from both the financial implications and the wider cost to its reputation. 

As a result of the hack over the November weekend, the bank froze online transactions in an emergency measure to curb the losses. By the following Monday evening, the bank was still trying to resume normal service but admitted it was suffering the consequences of what it described as one of the biggest "systematic and sophisticated" attacks, resulting in its share price falling and a series of very awkward questions being raised, which the bank now has to answer.

Concerns raised

With a cyber-theft of such scale comes the scrutiny of a number of key agencies and groups, such as the National Crime Agency (NCA), many of whom are now demanding to know more information which the bank has so far struggled to provide. The key concern for banking customers is the fact the root cause of the attack remains unknown, subsequently shining a light on the broader threats to all online customers.

Commenting on the latest in a succession of large-scale IT failures and security breaches, the Chair of the Treasury Select Committee commented: "Making sure that banks improve their IT systems, and their resilience to cybercrime, is also a responsibility of regulators. We will raise this issue with them again shortly. We can't carry on like this." 

The Information Commissioner's Office (ICO) added: "We're aware of this incident and are looking into the details. The law requires organisations to have appropriate measures in place to keep people's personal data secure. Where there's a suggestion that hasn't happened, the ICO can investigate, and enforce if necessary."

Examining Tesco Bank's position within the wider banking industry emphasizes the vulnerability of the company in the immediate aftermath. With just 137,000 banking customers, Tesco Bank has struggled to grab more market share and compete with the big four players, Lloyds TSB, Barclays, HSBC and Royal Bank of Scotland. 

Following this development, it remains to be seen whether the bank will be able to convince new customers to switch to its services if they lose faith in its central system and security measures. 

Warning to all

These events, and the increasing regularity with which they occur, stand as a stark warning to all companies, regardless of size, that without the correct security measures in place, the loss to your core business and the damage to reputation can directly affect your place within the market. 

Repeated warnings about cyber-security must be heeded now before more customers suffer similar incidents. All businesses can take immediate steps to strengthen their security, such as downloading software updates and implementing stronger passwords. 

Assessing your business will help identify where possible weaknesses may lie and from there more robust measures can be put in place to guard against vulnerabilities.  

As experts in cyber security we are committed to giving our customers the best possible defence against hackers and fraudsters. To find out more about how our services can help your business, get in touch here.