Tesco Bank fraud: key questions answered

The Guardian takes a closer look at the Tesco Bank fraud in the UK, offering commentary on the issues of security from Cliff Moyce, global head of DataArt's Finance Practice.

"Suspicious transactions spotted on around 40,000 accounts have seen online payments frozen.

How was its security breached?

Tesco has not given any details, but technology specialists have speculated on what might have happened. Cliff Moyce, global head of financial services at technology firm DataArt, said the chance of the problem being caused by a “remote technical hack” was less than 50%. “Far more likely is the (in)action of a human actor, or weak process/management controls when information is shared between providers,” he said."

Moyce said Tesco would need to investigate the possibility of an “economic hack” in which an offshore employee is offered a large sum of money in return for a tranche of customer data. “But incompetence rather than ill intent from an employee or subcontractor remains the more likely factor to be correlated with the malintent of the criminals,” he said.​"

View original article here or download PDF.