Tesco data breach leads to £16.4m fine
tesco travel money data breach

Tesco data breach leads to £16.4m fine

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

The massive November 2016 Tesco data breach has led to a ground-breaking fine issued in the sum of £16.4m.

The fine has been issued by the Financial Conduct Authority (FCA). It’s understood that this is the first time that the FCA has issued a fine for an online fraud incident.

The level of the fine is thought to reflect the severity of the Tesco data breach. This was an avoidable incident that arose from Tesco’s lax security. The incident led to customers of Tesco Bank losing millions of pounds in stolen funds.

About the November 2016 Tesco data breach

The November 2016 Tesco data breach occurred when criminals exploited vulnerabilities in Tesco’s security to generate “virtual cards”. An algorithm was to used to create new debit card numbers and the criminals then used the invented credentials to make payments and transfer funds out of genuine customer accounts.

In total, it’s understood that the criminals got away with some £2.26m

What the regulators said about the Tesco data breach

The regulators were far from complementary over the Tesco data breach. They described a number of errors and said that this was a “largely avoidable incident”.

In a comment, the FCA confirmed that the criminals exploited “deficiencies in Tesco Bank’s design of its debit card, its financial crime controls and in its Financial Crime Operations Team”.

The first fine of its kind

The Tesco data breach is said to have yielded the first fine from the FCA for an online fraud incident. The unauthorised transactions that the criminals managed to make led to a wave of outrage from customers targeted in the incident.

The fine of £16.4m reflects the severity of this breach, as well as the fact that it was totally avoidable.

It also leads us to consider how the FCA will be involved in future cybercrime incidents in conjunction with bigger GDPR fines. A company like Tesco could end up facing a huge fine from both the FCA and the Information Commissioner’s Office (ICO).

This is all on top of compensation claims that victims of a data breach are entitled to make.

The results is that incidents like the 2016 Tesco data breach could prove very costly for businesses moving forward. The cost of cybersecurity simply cannot be treated as anything other than a top priority for organisations.

The collapse of a business could end up revolving around a single cybersecurity incident.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon