1 October 2018
Dwarfing the ICO's enforcement activities, the UK Financial Conduct Authority (FCA) fined Tesco Personal Finance plc (Tesco Bank) £16.4m, having deemed controls inappropriate to protect current account holders from cyber attacks.
Vulnerabilities in Tesco Bank's financial crime controls were exploited in November 2016, with attackers extracting £2.26m over 48 hours.
Tesco Bank's positive response and remediation saw the fine significantly reduced. Without that action, the fine could have been as high as £33.5m.
We think they could have done with data protection advisory services from DataGRC and the Data Sentinel online Data Protection training, Records Management and Compliance Assessment tools.
See the best data protection, privacy and security news...
Add a comment or a question...
Articles made publically available on this website are general information and should never be mistaken for formal or legal advice. If you are seeking formal advice for your specific requirements, please contact our advisory team using the form above.