Tesco Bank Facing Huge Fine Due To 2016 Cyberattacks
UK’s Financial Conduct Authority (FCA) has sent a stern warning to the banking industry by imposing a massive penalty on the banking division of Tesco.
The fine comes as a result of the 2016 cyber hacking of the bank’s online services. The financial watchdog has already issued a warning to Tesco that it might impose a £30 million penalty for their shortcomings in preventing the incident.
The initial estimate for the number of customers that was impacted by the online security breach was at 40,000.
However, thanks to the efforts of the bank, it was dropped down to 20,000. After even more efforts, it was reduced to less than 50 customers. The bank was able to refund all of them in just a few days, with no data being compromised.
Because of their quick action, Tesco is contesting the proposed penalty. Their plan is to go in active negotiations with the FCA. It might mean that a lower sum might be agreed in the coming weeks. There is no guarantee that it might happen though.
The original amount of the fine was large enough to shock the market, considering how minor the Tesco Bank incident was compared to other incidents. An analyst has estimated that the fine is just a preview of what is coming to other big banks in Britain if they were ever to get hit by a similar cyber-attack. They can expect a high fine in the millions or even billions of pounds.
The large fine would send a message that the UK government is taking cybersecurity seriously and that financial institutions should also do the same. The £30 million penalty is quite high compared to the recent penalty imposed on Equifax who was fined £500,000 by the Information Commissioner’s Office for a large data breach that happened in 2017.
Increase In Data Breaches
Tesco Bank is just one of many businesses that have been targeted by cybercriminals. With six million customers and a wide range of financial products, it is a tempting target for data thieves and hackers. When the attack happened, FCA chief executive Andrew Bailey felt that it was unprecedented and needed to be dealt with immediately.
Banks and other financial institutions all over the world have seen a rise in cyber-attacks since 2016. This has forced many of them to invest heavily in cybersecurity though not all of them have taken action. Financial regulators have warned businesses that they need to beef up their security to prevent such occurrences. The UK government expects firms to work with the National Cyber Security Center to increase their security.