Tesco Bank fined €16.4m over cyber attack

By John-Paul Ford Rojas, business reporter
Tesco Bank has been fined ?16.4m by the City watchdog over a "largely avoidable" cyber attack on the lender, in the first penalty of its kind.
The Financial Conduct Authority (FCA) said deficiencies at the bank had left account holders vulnerable to an incident that netted cyber criminals €2.26m.
The bank had received a specific warning that was not properly addressed until the attack had started and the response was "too little, too late", the watchdog concluded.It is the first time the FCA has issued a fine for a cyber-related incident.Tesco Bank said that since the incident in November 2016 it had "significantly enhanced" security measures, and apologised to customers.The FCA investigation concluded that the lender failed to exercise due skill, care and diligence in protecting its personal current account holders against a cyber attack.It said cyber criminals exploited weaknesses in the bank's design of its debit card, its financial crime controls and in its financial crime operations team to carry out the attack over a 48-hour period.Mark Steward, executive director of enforcement and market oversight at the FCA, said the fine "reflects the fact that the FCA has no tolerance for banks that fail to protect customers from foreseeable risks".He added: "In this case, the attack was the subject of a very specific warning that Tesco Bank did not properly address until after the attack started."This was too little, too late.
See also:
Leave a comment
  • Latest
  • Read
  • Commented
Calendar Content
«    Август 2020    »