Tesco Bank ‘could face £30m cyberattack fine’

Tesco Bank could reportedly be facing a record £30 million fine from the Financial Conduct Authority (FCA) over an attempted hack in which criminals tried to siphon money from customer accounts.

Sky News reported that the regulator is weighing up whether to impose the largest ever fine for a cyber attack-related incident on Tesco’s banking arm, over the attempted hack in November 2016 which forced the lender to suspend all online transactions.

The bank informed 9,000 customers that their details had been stolen and refunded customers £2.5 million.

Tesco Bank is understood to have concluded that fewer than 50 customers were affected, all of whom were refunded immediately and that no customer data was compromised.

Tesco Bank is thought to be planning to contest the fine in the course of negotiations with the FCA, Sky News reported citing legal sources. The amount could be reduced to a “substantially lower” figure, they sources said.

Tesco Bank and the FCA declined to comment on the reports.

A potential FCA fine on Tesco Bank could run into tens of millions of pounds, far exceeding the record £500,000 penalty issued last week by the Information Commisioner’s Office on credit ratings agency Equifax, which was hit by one of the UK’s largest ever data breaches, involving the data of 15 million Britons.

    Share Story:

Recent Stories


Banking's GenAI evolution: Beyond the hype, building the future
In the first episode of a three-part video podcast series sponsored by HCLTech, Sudip Lahiri, Executive Vice President & Head of Financial Services for Europe & UKI at HCLTech explores how financial institutions can navigate the transformative potential of Generative AI while building lasting foundations for innovation.

Beyond compliance: Transforming document management into a strategic advantage for financial institutions
In this exclusive fireside chat, John Rockliffe, Pre-Sales Manager at d.velop, discusses the findings of Adapting to a Digital-Native World: Financial Services Document Management Beyond 2025 and explores how FSIs can turn document workflows into a competitive advantage.

Sanctions evasion in an era of conflict: Optimising KYC and monitoring to tackle crime
The ongoing war in Ukraine and resulting sanctions on Russia, and the continuing geopolitical tensions have resulted in an unprecedented increase in parties added to sanctions lists.

Achieving operational resilience in the financial sector: Navigating DORA with confidence
Operational resilience has become crucial for financial institutions navigating today's digital landscape riddled with cyber risks and challenges. The EU's Digital Operational Resilience Act (DORA) provides a harmonised framework to address these complexities, but there are key factors that financial institutions must ensure they consider.