UK company Tesco has come under fire after being affected by hackers in early November. Money was stolen from around 20,000 Tesco bank customers, with double that number being targeted.
It’s not known whether the cyber heist was an inside job or whether someone broke in from the outside in what was one of the biggest hacks in UK history. Customers have reported losing up to thousands of pounds and Tesco now faces paying back amounts that will add up to millions.
Economists have warned that this won’t be an isolated incident amongst large companies, saying that with the focus shifting from shopping strips to the internet there are rich pickings for criminals. In 2015 alone, mobile cybercrime cost UK banks in excess of 11 billion pounds.
In this case, clients are lucky that they can approach Tesco for their money back, however many others affected by cybercrime not only irretrievably lose their savings, but also find that personal information is compromised and that they end up being victims of identity theft.
Of course, the criminals who breach security are directly responsible for these crimes but at the end of the day it is the job of both consumers and companies to make sure online details are protected.
At a consumer level, shoppers and account holders need to ask the question – “How safe is this?” when signing up to share their financial and personal details with a new business. You are well within your rights to ask what a company does to safeguard your security and about their cyber security policies. And they should be able to provide you with answers!
All companies, from basic consumer apps to banks and retail chain giants should be able to provide information about what makes them secure against threats, how well prepared they are to respond to a security incident and how they guarantee that online transactions are conducted securely.
Good companies will use technology like Quixxi, which provides a ‘multi-lock’ layer against hackers, meaning that if they break through one layer it doesn’t mean they have completely tapped through to the back end of a business’s online system.
It is also the duty of account holders to be aware of the techniques hackers use to glean information from them. This includes:
- Never sharing your password with someone who calls you on the phone
- Always covering your PIN when withdrawing cash from an ATM
- Ignoring emails that look suspicious and ask you to click on links and log into your account online
- Conducting an online search if you receive communications from an organisation that appear to be unusual – often describing what happened and adding the word ‘scam’ to your search term will reveal that many others have been targeted
It’s not clear if any of Tesco’s customers could have prevented their accounts being hacked, but perhaps there being greater pressure on the company may have resulted in it tightening its security and preventing the disaster before it happened.
To find out more about Quixxi online security, visit www.quixxi.com