[BreachExchange] Tesco Bank faces £30m FCA fine over cyber attack

Audrey McNeil audrey at riskbasedsecurity.com
Tue Sep 25 19:14:21 EDT 2018


http://www.financialreporter.co.uk/regulation/tesco-bank-faces-30m-fca-fine-over-cyber-attack.html

The FCA is reportedly planning to fine Tesco Bank £30m over a cyber attack
which took place in 2016.

According to Sky News, Tesco Bank is in negotiations with the regulator and
is hoping for a "substantially lower" fine, which is expected to be agreed
in the next few weeks.

If imposed at £30m, the fine would be the largest ever seen in relation to
cyber crime.

In November 2016, Tesco Bank suspended all online transactions after an
attempted data breach.

It was initially feared that up to 40,000 customers may have had their
accounts compromised, however this was later revised down to under 50
victims, all of which were reimbursed for monetary losses.

Tesco eventually compensated 9,000 customers a total of £2.5m, but insisted
that no customer data was compromised in the 'highly sophisticated' attack.

Industry analysts have raised concerns about the size of the FCA fine,
considering the 'limited' extent of the Tesco Bank breach and compared to
the £500,000 penalty Equifax received over its large-scale data breach last
year, in which the personal information of up to 400,000 UK customers was
potentially accessed.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180925/5e48b6e9/attachment.html>


More information about the BreachExchange mailing list