The UK financial regulator has imposed a whopping £16.4 million fine on Tesco bank for not securing a cyber-attack looming over customers in November 2016.
According to the financial conduct authority, the bank has failed to exercise required mandatory skill and security measures in order to protect its current account holders. The hackers pulled £2.26 million from the bank and got away with it, however, Tesco said earlier the money stolen had been refunded to all account holders.
The Financial Conduct Authority (FCA) said the attack could have been avoided with preemptive measures but Tesco failed to take it as an urgency to address, Mark Steward, executive director of enforcement and market sight at FCA said “The find on Tesco imposed by FCA clearly indicates that FCA has zero tolerance for negligence, banks who fail to protect their customers would be treated like this, he added.
In this case, Tesco bank has issued a warning against the cyber-attack, however, it didn’t respond in time and take necessary measures until the attack penetrated into the systems, this was too late and customers shouldn’t have been exposed to risks at all, said FCA.
Tesco Bank, on the other hand, said it has been a victim of sophisticated cybercrime, the company also assured that customers details and data was not hacked, however, 34 transactions were conducted which debited funds from customers’ accounts, the customers faced service disruption during the attack.
The CEO, Tesco Bank, Gerry Mallon said, “We are really sorry for this unfortunate attack and its implications on our customers, it is our priority to provide safety and security to our customers and we entirely accept FCAs notice.
We have rigorously worked towards the security and significantly enhanced our security measures in order to make sure our customers, their data and their accounts are protected at all times. I apologize to our customers for the inconvenience it caused in 2016, FCA earlier imposed a fine of £33.6 million which was reduced to £16.4 million due to Tesco Bank’s cooperation with the inquiry process and an early settlement agreement between both parties.