The Financial Conduct Authority (FCA), the UK's financial watchdog, is set to impose a £30 million fine on Tesco over a cyber attack. Readers of Cybersecurity Insiders should note that Tesco Bank fell victim to a cyber attack in November 2016 and reimbursed £2.5 million as compensation to over 9,000 of its customers for the data theft.
The FCA was assigned to investigate the cyber incident and discovered that Tesco Bank had issued debit card numbers in sequence, exposing its customers to fraud.
Earlier, the number of impacted customers was estimated to be 50,000, but it later turned out to be just 59. As the bank's IT department failed to prevent the data breach, the FCA decided to impose a penalty, which is still at the negotiation stage.
A source from Sky News reports that the ICO is also investigating the Tesco Bank cyber attack and might impose a separate fine on the banking company for failing to protect its customers from cyber fraud.
Recently, the FCA imposed a fine of 42 million pounds on RBS for a 2014 incident, and last week the Information Commissioner's Office fined Equifax 500,000 pounds for a massive data breach that came to light last year.
As GDPR laws have become stringent since May this year, companies doing business in the United Kingdom should take extra care in protecting their customers' information from cyber fraud.
Otherwise, data and financial watchdogs such as the FCA and ICO are authorized to take strict financial action against companies found guilty.
NOTE: On September 29th, 2018, sources reporting to Cybersecurity Insiders said that the data watchdog of Britain has revised the penalty to £16 million instead of £30 million.