Tesco Bank have stopped online payments for all of its current account customers, after money was taken from 20,000 accounts.
Over 40,000 accounts saw suspicious transactions over the weekend, with around half of those having money taken from their account.
Although online payments are halted, customers are still able access online banking and use their cards for cash withdrawals, chip and pin payments, and bill payments.
Tesco bank’s chief executive Benny Higgins stated he had high hopes customers would be refunded within 24 hours, and apologised for any worry and inconvenience caused.
Customer comments Tesco Bank’s website and social media page suggested customers were experiencing long delays when contacting the company’s customer service line to find out if their account was affected.
Robert Schifreen of computer safety website Security Smart suggests a number of potential reasons behind the breach. Suggestions include fraudsters adding skimming devices, card readers and cameras specifically to Tesco’s cash point machines in order to capture information, or somebody who works at Tesco Bank who’s had access to the database.
Under the command of the Financial Conduct Authority, banks must refund unauthorised payments immediately, unless they have evidence that the customer was at fault or the payment was more than 13 months ago. Banks are also required to refund any charges or interest added as a result of the fraudulent payments.
It is not yet known what has caused the security breach, and no information has been released to date regarding when account access will be restored.