Following the news that Tesco Bank has halted online payments for current account customers after thousands were affected by fraudsters, please find below a few comments for consideration:
Lee Munson, security researcher from Comparitech.com says: “The concerted attack against some 20,000 Tesco Bank customers is the first time such a British financial institution has seemingly been targeted by online criminals, at least as far as we are aware.
“While we do not have any details yet, the fact that there were so many compromises at just one bank suggests to me that the grocer may have either been hacked by an online group, or even compromised from within.
“Fortunately for its customers, Tesco Bank appears to be taking the matter as seriously as it should, informing them of what is happening at an early opportunity, and taking control of the undoubted media fallout.
“All customers of Tesco Bank should, however, be on their guard, not only for suspicious activity around their accounts, but also phishing emails referencing the incident and trying to trick them into visiting an imposter site.
“The correct course of action is, of course, for customers to type their online banking URL directly into their browser and, once logged in, they should change their passwords, whether their account has been compromised or not.
“That said, British banking is still entirely secure from a consumer point of view – incidents such as this are extremely rare and, in Britain at least, all losses arising from unauthorised activity must be refunded immediately anyway. Not only that, the financial services industry is extremely proactive in protecting its assets, as evidenced by massive recent operations such as Wire Shark and Operation Resilient Shield.
“Tesco will, I’m sure, learn from the attack, and put in place the necessary technological, procedural or people changes required to mitigate the risk of it happening again.
“The only thing their customers will be thinking they could have done better is in terms of the one-to-one response times after its initial communication that accounts had been compromised.”
Alex Mathews, Technical Manager EMEA at Positive Technologies comments: "25% of investigated online banking systems are under threat of serious attack including theft of money by an authorised user as a result of rounding attacks, unauthorised access to arbitrary user operations, and SQL Injection. About half of the tested systems (55%) allow an unauthorised user to access a database management system with personal and financial data.
"As always with fast-developing big attacks such as this, detailed information on the criminal techniques used and the extent to which it will impact customers will probably only emerge over the next few days. The fact that a full stop has been put on online transactions and the rapidity with which the CEO issued a statement both show how seriously the bank is taking it. The security team's emergency plan appears to be in full effect."
"Affected customers should wait for guidance from the bank itself on the situation and follow this. They will have the best view of the crucial details."
Mike Fenton, CEO at Redscan reacts: "While Tesco conducts an investigation into the source of the attack, the temporary suspension of online transactions signals a positive move by the bank to limit any further damage.
“Customers won’t tolerate disruption to services for long however. To limit reputational damage, Tesco needs to quickly release more information about the cause of the attack and additional steps it intends to take to protect account holders."