The theft of money from thousands of Tesco online banking accounts is prompting British cybersecurity experts investigating the crime to warn that other small banks may be at risk for a cyberattack.
According to a report by Reuters, the new government agency in the U.K., the National Cyber Security Centre (NCSC), said it’s working with investigators and Tesco to determine what happened in the attack, which the NCSC called “unprecedented.” The NCSC, along with the National Crime Agency in the U.K., told Reuters they couldn’t think of a similar confirmed case in which the bad guys got away with large sums of money through a hacking of bank accounts.
The report noted that Tesco Bank stopped all online transactions from bank accounts earlier in the week and pledged to pay back customers who lost money as a result of the cyberhack. The hack went after around 40,000 accounts, which is close to a third of all the accounts at Tesco. The bank has been scant with details as to how the attack happened, nor has it provided details as to whether or not there were any suspects.
The report noted that smaller banks are more of an attractive target than their larger brethren because they don’t have the security in place like the bigger guys, making it easier for hackers to penetrate their networks.
“Smaller and medium-sized companies may be more vulnerable. Many of them have not invested properly in security measures, and an incident like this should stimulate them to think again,” said Sergio Romanets, cybersecurity expert at consultant Greyspark Partners in London, in the report. Customers have already been compensated, but restoring all of the online service at Tesco Bank will be harder to do.