Tesco Bank ‘could face £30m cyberattack fine’
Written by Hannah McGrath
Tesco Bank could reportedly be facing a record £30 million fine from the Financial Conduct Authority (FCA) over an attempted hack in which criminals tried to siphon money from customer accounts.
Sky News reported that the regulator is weighing up whether to impose the largest ever fine for a cyber attack-related incident on Tesco’s banking arm, over the attempted hack in November 2016 which forced the lender to suspend all online transactions.
The bank informed 9,000 customers that their details had been stolen and refunded customers £2.5 million.
Tesco Bank is understood to have concluded that fewer than 50 customers were affected, all of whom were refunded immediately and that no customer data was compromised.
Tesco Bank is thought to be planning to contest the fine in the course of negotiations with the FCA, Sky News reported citing legal sources. The amount could be reduced to a “substantially lower” figure, they sources said.
Tesco Bank and the FCA declined to comment on the reports.
A potential FCA fine on Tesco Bank could run into tens of millions of pounds, far exceeding the record £500,000 penalty issued last week by the Information Commisioner’s Office on credit ratings agency Equifax, which was hit by one of the UK’s largest ever data breaches, involving the data of 15 million Britons.