Login Register Subscribe
Current Issue

U.K.'s National Crime Agency investigating Tesco Bank cyber attack

Reprints

(Reuters) — Britain's National Crime Agency is leading a criminal inquiry into the theft of money from thousands of Tesco Bank accounts that the UK financial watchdog said was unprecedented.

New cyber crime agency National Cyber Security Center, a government body, announced in November last year and tasked with handling cyber incidents in Britain, said it is working with the NCA and Tesco to understand the nature of the attack.

"Given the investigation thus far and the evidence at hand, the National Cyber Security Center is unaware of any wider threat to the U.K. banking sector connected with this incident," the NCSC said in the statement on its website on Monday.

Tesco Bank, owned by Tesco P.L.C., on Monday halted online transactions from all current accounts and said it would repay people who had lost money in an attack that targeted some 40,000 accounts, nearly a third of its 136,000 accounts.

Tesco shares were trading up 0.3% by 1511 GMT.

Britain's chief regulator sought to reassure the public on Tuesday that financial authorities were working to understand the nature of the attack, following criticism of the banking industry by British lawmaker Andrew Tyrie.

Mr. Tyrie, chair of parliament's powerful finance committee, criticized both banks and regulators on Monday as doing too little to improve cyber security, saying he would take up the issue with Tesco Bank.

"This looks unprecedented in the U.K.," Andrew Bailey, chief executive of the Financial Conduct Authority, told a parliamentary hearing on Tuesday.

Mr. Bailey said customers should be compensated by the end the day and that it would be difficult to restore full online service at Tesco bank until the cause of the breach is fully understood.

"The heart of the concern is what is the root cause of this and what does it tell us about broader threats?" Mr. Bailey said.

Reported attacks on financial institutions in Britain have risen from just five in 2014 to more than 75 so far this year, according to FCA data, but bank executives and providers of security systems say many attacks go unreported.