Retailer Tesco PLC’s banking arm on Tuesday said that £2.5 million (US$3 million) had been stolen from 9,000 customers over the weekend in what cyberexperts said was the first mass hacking of accounts at a Western bank.
Tesco Bank said it had resumed full service after the theft, which forced the suspension of online transactions on Monday.
“We’ve now refunded all customer accounts affected by fraud and lifted the suspension of online debit transactions so that customers can use their accounts as normal,” Tesco Bank CEO Benny Higgins said in a statement.
The bank, whose operating income has accounted for as much as a quarter of Tesco’s total in some years, added that no customer data had been compromised.
The National Cyber Security Centre (NCSC), a new government body, on Tuesday said that it was working with criminal investigators and Tesco to understand the nature of an attack described as “unprecedented” by the financial regulator.
The NCSC and National Crime Agency said they could not remember another confirmed case where thieves had stolen large sums of money via a mass hacking of accounts at a Western bank.
The bank has provided few details about what happened. It is not clear how online thieves broke into the bank, how they pulled out the funds or how much was stolen. It is also not clear if there are any suspects.
A spokeswoman for Tesco declined to comment beyond its previous statement on Monday.
Cyberexperts said that smaller banks, like Tesco’s, are more vulnerable to attack than global financial institutions, which have bigger cybersecurity budgets.
JPMorgan, for example, has disclosed that it spends about US$600 million on cybersecurity annually.
“Smaller and medium-sized companies may be more vulnerable; many of them have not invested properly in security measures and an incident like this should stimulate them to think again,” said Sergio Romanets, a cybersecurity expert at consultant Greyspark Partners in London.
Cyber and information technology (IT) security risks have received little coverage in Tesco Bank’s most recent annual report, according to a Reuters analysis, with just one mention — saying “of note is the industry-wide attention on cyber-crime”.
Rival J. Sainsbury PLC’s bank unit and Metro Bank PLC, two other smaller “challenger” banks in Britain, each mention cyber and information security at least three times in their most recent annual reports. By contrast, among the nation’s biggest banks, Santander UK has at least 49 mentions, Barclays at least 14 and Lloyds 32.
Tesco Bank runs on separate IT systems from the group’s retail unit. The lender was originally set up as a joint venture with Royal Bank of Scotland (RBS) and Tesco PLC in 1997, before becoming wholly owned by the retailer in 2008.
US financial technology provider Fiserv provides its online retail banking platform and its financial crime prevention system, according to Fiserv’s Web site.
“There is no indication that our software or services were involved in the incident that Tesco Bank experienced over the weekend. Nonetheless, we are offering our support in whatever manner will be helpful to Tesco Bank,” a spokeswoman for Fiserv said in an e-mailed statement.
Tesco Bank has spent £500 million building up its technology platform over the past seven years since the split with RBS, accounts showed.
Britain’s financial regulator sought to reassure the public that financial authorities were working to understand the nature of the attack.
On Monday, British lawmaker Andrew Tyrie, chair of parliament’s powerful finance committee, said both banks and regulators had done too little to improve cybersecurity.
Reported attacks on financial institutions in Britain have risen from just five in 2014 to more than 75 so far this year, according to Financial Conduct Authority data, but bank executives and providers of security systems say many attacks go unreported.
Taiwan’s exports soared 56 percent year-on-year to an all-time high of US$64.05 billion last month, propelled by surging global demand for artificial intelligence (AI), high-performance computing and cloud service infrastructure, the Ministry of Finance said yesterday. Department of Statistics Director-General Beatrice Tsai (蔡美娜) called the figure an unexpected upside surprise, citing a wave of technology orders from overseas customers alongside the usual year-end shopping season for technology products. Growth is likely to remain strong this month, she said, projecting a 40 percent to 45 percent expansion on an annual basis. The outperformance could prompt the Directorate-General of Budget, Accounting and
Two Chinese chipmakers are attracting strong retail investor demand, buoyed by industry peer Moore Threads Technology Co’s (摩爾線程) stellar debut. The retail portion of MetaX Integrated Circuits (Shanghai) Co’s (上海沐曦) upcoming initial public offering (IPO) was 2,986 times oversubscribed on Friday, according to a filing. Meanwhile, Beijing Onmicro Electronics Co (北京昂瑞微), which makes radio frequency chips, was 2,899 times oversubscribed on Friday, its filing showed. The bids coincided with Moore Threads’ trading debut, which surged 425 percent on Friday after raising 8 billion yuan (US$1.13 billion) on bets that the company could emerge as a viable local competitor to Nvidia
BARRIERS: Gudeng’s chairman said it was unlikely that the US could replicate Taiwan’s science parks in Arizona, given its strict immigration policies and cultural differences Gudeng Precision Industrial Co (家登), which supplies wafer pods to the world’s major semiconductor firms, yesterday said it is in no rush to set up production in the US due to high costs. The company supplies its customers through a warehouse in Arizona jointly operated by TSS Holdings Ltd (德鑫控股), a joint holding of Gudeng and 17 Taiwanese firms in the semiconductor supply chain, including specialty plastic compounds producer Nytex Composites Co (耐特) and automated material handling system supplier Symtek Automation Asia Co (迅得). While the company has long been exploring the feasibility of setting up production in the US to address
OPTION: Uber said it could provide higher pay for batch trips, if incentives for batching is not removed entirely, as the latter would force it to pass on the costs to consumers Uber Technologies Inc yesterday warned that proposed restrictions on batching orders and minimum wages could prompt a NT$20 delivery fee increase in Taiwan, as lower efficiency would drive up costs. Uber CEO Dara Khosrowshahi made the remarks yesterday during his visit to Taiwan. He is on a multileg trip to the region, which includes stops in South Korea and Japan. His visit coincided the release last month of the Ministry of Labor’s draft bill on the delivery sector, which aims to safeguard delivery workers’ rights and improve their welfare. The ministry set the minimum pay for local food delivery drivers at
RSS