A breach of 20,000 Tesco Banks accounts demonstrates that conventional cyber security approaches are ineffective and that businesses are failing to take the issue seriously, say experts.
Tesco suspended online banking in the wake of 40,000 accounts being breached, with 50% of those involved in fraudulent transactions.
Benny Higgins, chief executive of Tesco Bank, said that they are aware of the mechanics of the attack, referring to it as “sympathetic” and “systematic”, although stopped short of providing further details, with the attack under criminal investigation.
The UK’s National Crime Agency (NCA) is leading the investigation, with Information Commissioner’s Office (ICO) assessing whether Tesco Bank is taking sufficient action to maintain the security of personal data.
The attack is the most recent in a number of cyber hits that prove financial data is not being given adequate protection by a traditional security approach, and is failing due to a continually evolving threat, says a technical specialist from security company Darktrace, Andrew Tschonev.
“Tesco Bank has a long road ahead establishing exactly what has happened, who has been affected and how they can recover, which is going to be a complex task. However, the consequent shake-up in their security team should help strengthen their defences for the future.”
Banks must not take a lax stance on something as sensitive as cyber security. If banks, as well as businesses up and down the UK, fail to create more cyber security jobs in order to fix the issue, they may soon live to regret it.
Send us your CV and have our recruiters match you to the ideal opportunities
Do you already have an account with us?Log in
Want to have an account with us?Register
Want to just send us your CV?
By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.