The British institution Tesco Bank has seen a major breach on the bank accounts of approximately 20 000 of their customers. What is worse is that this was an online robbery attempt on the accounts and even though the bank reported it, most of the accounts have already conducted “online payments”.
The bank first detected dubious activity on the accounts on the 4th of November, 2016 when several customers account that tried to conduct the online payments. Tesco managed to restrict the online payments by requiring a PIN code from the compromised accounts’ side.
Affected Customers Will Receive New Cards
Shortly after the attack, TESCO has begun to notify the victims that they will be able to use their new cards in around a week time and in the mean time they can still use their older cards to extract money from ATMs and make other financial transactions.
Concerned Customers Flood the Bank
Customers who have been affected have immediately started making calls to TESCO’s customer support line, requesting information on why they fail to use their cards.
Could The TESCO Attack be An Inside Job
By the method of exclusion, the theft could not be an ATM skimming attack, since customers of other banks may also be affected, according to Piers Wilson, head of product management at Huntsman Security firm.
The professional cannot concur as to what happened, but he strongly believes that inside information may be the reason for the attack. One possible scenario is if a disgruntled or ambitions employee has decided to share information which is privileged or take advantage of this information to conduct the hack on the database. But a possible scenario of sharing such information with a third-party hacking crew for a certain bribe.
The bank, promises that they will restore the 40,000 accounts back to a normal state and protect them and fill the already emptied 20,000 hacked accounts.
Hackers Keep Focus on Fast Cash-Out Methods
This 2.5 million pound hack keeps showing that hackers still continue to target banks and other institutions that will allow them to obtain funds easily and vanish.
The most affected of this trend are the smaller organizations that have not yet strengthened their cyber security enough. This makes them a lucrative target for very experienced individuals that know their way around an online banking service and malware. But banks seem to be not the only ones who are affected, because hackers target other organizations as well, like hospitals, insurance companies, etc. Experts feel concerned that more attention should be focused on the education of employees regarding cyber-security.
The Bank is continuing to cooperate with the law and investigate what has happened, but so far the situation remains one big mystery yet to be solved.