topic UK: FCA fines Tesco Bank £16.4m for failures in 2016 cyber attack in Industry News https://community.isc2.org/t5/Industry-News/UK-FCA-fines-Tesco-Bank-16-4m-for-failures-in-2016-cyber-attack/m-p/15121#M1649 <P><SPAN>The Financial Conduct Authority (FCA) has fined Tesco Personal Finance plc (Tesco Bank) £16,400,000 for failing to exercise due skill, care and diligence in protecting its personal current account holders against a cyber attack.&nbsp;The cyber attack took place in November 2016.&nbsp;</SPAN></P><P>&nbsp;</P><P><SPAN>Cyber attackers exploited deficiencies in Tesco Bank’s design of its debit card, its financial crime controls and in its Financial Crime Operations Team to carry out the attack.&nbsp;Those deficiencies left Tesco Bank’s personal current account holders vulnerable to a largely avoidable incident that occurred over 48 hours and which netted the cyber attackers £2.26m.</SPAN></P><P>&nbsp;</P><P>The FCA found that Tesco Bank failed to exercise due skill, care and diligence to:</P><UL><LI>Design and distribute its debit card.</LI><LI>Configure specific authentication and fraud detection rules.</LI><LI>Take appropriate action to prevent the foreseeable risk of fraud.</LI><LI>Respond to the November 2016 cyber attack with sufficient rigour, skill and urgency.&nbsp;</LI></UL><P>for more read the <A href="https://www.fca.org.uk/news/press-releases/fca-fines-tesco-bank-failures-2016-cyber-attack" target="_self">FCA Press Release</A></P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 09 Oct 2023 08:58:04 GMT leroux 2023-10-09T08:58:04Z UK: FCA fines Tesco Bank £16.4m for failures in 2016 cyber attack https://community.isc2.org/t5/Industry-News/UK-FCA-fines-Tesco-Bank-16-4m-for-failures-in-2016-cyber-attack/m-p/15121#M1649 <P><SPAN>The Financial Conduct Authority (FCA) has fined Tesco Personal Finance plc (Tesco Bank) £16,400,000 for failing to exercise due skill, care and diligence in protecting its personal current account holders against a cyber attack.&nbsp;The cyber attack took place in November 2016.&nbsp;</SPAN></P><P>&nbsp;</P><P><SPAN>Cyber attackers exploited deficiencies in Tesco Bank’s design of its debit card, its financial crime controls and in its Financial Crime Operations Team to carry out the attack.&nbsp;Those deficiencies left Tesco Bank’s personal current account holders vulnerable to a largely avoidable incident that occurred over 48 hours and which netted the cyber attackers £2.26m.</SPAN></P><P>&nbsp;</P><P>The FCA found that Tesco Bank failed to exercise due skill, care and diligence to:</P><UL><LI>Design and distribute its debit card.</LI><LI>Configure specific authentication and fraud detection rules.</LI><LI>Take appropriate action to prevent the foreseeable risk of fraud.</LI><LI>Respond to the November 2016 cyber attack with sufficient rigour, skill and urgency.&nbsp;</LI></UL><P>for more read the <A href="https://www.fca.org.uk/news/press-releases/fca-fines-tesco-bank-failures-2016-cyber-attack" target="_self">FCA Press Release</A></P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 09 Oct 2023 08:58:04 GMT https://community.isc2.org/t5/Industry-News/UK-FCA-fines-Tesco-Bank-16-4m-for-failures-in-2016-cyber-attack/m-p/15121#M1649 leroux 2023-10-09T08:58:04Z