Tesco Bank have confirmed a significant incident involving the apparent theft of money from the accounts of thousands of customers over the course of last weekend.
A criminal investigation is now underway under the leadership of the National Crime Agency (NCA).
As the national authority on cyber security, the roles of the National Cyber Security Centre (NCSC) in an incident of this kind are to:
- provide all possible support to that investigation
- work with the company concerned to manage the incident and bring it to a conclusion
- investigate the root causes of the incident and factor in any lessons learned to future guidance and policy on cyber security
The NCSC is already working with the NCA and Tesco Bank and others and is providing direct assistance to the company at their request, including on-site assistance.
In the case of cyber related incidents, it can, on certain occasions, take a significant period of time to understand the incident given the technical complexities involved. So the story will emerge over time. During this period it is vital that nothing is said publicly that could interfere with the criminal investigation.
Given the investigation thus far and the evidence at hand, the National Cyber Security Centre is unaware of any wider threat to the UK banking sector connected with this incident.