UK Bank TSB Admits 1,300 Accounts Hit By Fraud Amid IT Meltdown (bbc.com)

← Back to Stories (view on slashdot.org)

UK Bank TSB Admits 1,300 Accounts Hit By Fraud Amid IT Meltdown (bbc.com)

Posted by msmash on Thursday June 7, 2018 @03:20AM from the everything-going-south dept.

An anonymous reader shares a BBC report: Life savings have been stolen from TSB accounts by fraudsters "exploiting" the bank's IT problems, with 1,300 people losing money. On occasions, people were waiting on the phone for up to nine hours to report cases, the bank's boss Paul Pester has told MPs. He said that 70 times the normal level of fraud attacks were seen last month. The introduction of a new IT system in April left customers struggling to make transactions and see their balances. The bank said it would compensate customers in full for any fraud they suffered. The evidence came after the financial regulator confirmed that it was investigating TSB and criticised Mr Pester for an "optimistic view" of services after the meltdown.

28 comments

Min score:

Reason:

Sort:

Re:I *spy* with my little Eye... by Anonymous Coward · 2018-06-07 03:42 · Score: 0

"fraudsters"!
BLIMEY
IANAL by Anonymous Coward · 2018-06-07 03:46 · Score: 0

Sing this really loud!
Up from the depths
20 stories high
breathes fire
but just in the sky
GODZILLA-AAAAAAAAHHHHHH!
1300 / 70 = ~19 by mccalli · 2018-06-07 03:47 · Score: 2

(rounded obviously). Only 19 successful attempts per month is the average?
1. Re:1300 / 70 = ~19 by Required+Snark · 2018-06-07 03:55 · Score: 1
  
  "70 times the normal level of fraud attacks were seen last month"
  If it was your personal account it would be a 100% failure. Why are you trying to make it seem less incompetent and damaging then it actually is? Do you have a personal interest in promoting electronic theft?
  
  --
  Why is Snark Required?
2. Re:1300 / 70 = ~19 by grep+-v+'.*'+* · 2018-06-07 05:03 · Score: 2
  
  I think his point is: Only 19 successful attempts per month is the average?
  
  If you're a bank, I'd think (hope!) that you have 0 successful attacks per month, and hope that you have a rounded 0.0 successful attacks per year.
  
  Also, you'd want to weight them per customer. Someone successfully grabbing an account from a rooted unprotected cell phone is NOT the same thing as grabbing all of the accounts from the mainframe even though they're both a "single" attack.
  
  --
  If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
3. Re:1300 / 70 = ~19 by Anonymous Coward · 2018-06-08 00:21 · Score: 0
  
  Or maybe there's only one attempt per month normally, which is UNsuccessful. This month there were 70 attempts, one of which was successful and hit 1300 accounts.
Re:I'm Sticking With TSB by cayenne8 · 2018-06-07 03:48 · Score: 3, Informative

Sure gives a person a "lot of faith" in a cashless society, eh?

--
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
GDPR?... by froggyjojodaddy · 2018-06-07 04:02 · Score: 1

Is this the first major violation since GDPR came into effect? Will be very interesting to know what will happen..
1. Re: GDPR?... by houghi · 2018-06-07 05:01 · Score: 1
  
  I have not seen a date of when it happened. It is now made public, so it could be that the hack happened before GDPR started. That could mean it does not apply to the GDPR.
  
  --
  Don't fight for your country, if your country does not fight for you.
Customers lost no money by Anonymous Coward · 2018-06-07 04:28 · Score: 0

The bank lost the money. The still owes the customers their funds. The customers only loose if the bank goes out of business.
1. Re:Customers lost no money by Shimbo · 2018-06-07 05:39 · Score: 1
  
  The bank lost the money. The still owes the customers their funds. The customers only loose if the bank goes out of business.
  Customers generally don't lose when the bank goes out of business because of deposit protection. They generally do lose when they authorize the transfer of funds to a fraudster, although in this case customers may be luckier than usual because the bank is partly at fault for not having enough people to answer the phone.
It's just getting worse isn't it? by Rick+Schumann · 2018-06-07 04:39 · Score: 1

There aren't fewer successful attacks of this kind, there are more of them as time passes, and the consequences of them are getting worse not better. There's obviously a fundamental problem with these critical systems and obviously nobody is doing anything about it. Do we need to go back to doing everything with paper until everyone gets their act together and fixes it?
1. Re:It's just getting worse isn't it? by Anonymous Coward · 2018-06-07 05:11 · Score: 0, Funny
  
  All financial instruments will be stored in immutable blockchains, anonymized and open to public scrutiny.
  You guys still don't see how this is bigger than the Internet? Bitcoin will be synonymous with money after the next big meltdown, but it won't be the only blockchain by a long shot.
2. Re:It's just getting worse isn't it? by Anonymous Coward · 2018-06-07 05:17 · Score: 0
  
  You sound like the IoT evangelists who want a "sensor" in everything from toilet paper to guitar strings.
  Your blockchain fantasy bubble has already been popped.
The best part of the summary? by bobstreo · 2018-06-07 04:53 · Score: 1

"The bank said it would compensate customers in full for any fraud they suffered."
I believe my solicitors may have a slight difference of opinion of the number of significant digits of compensation...
1. Re:The best part of the summary? by Anonymous Coward · 2018-06-07 11:11 · Score: 0
  
  "...would compensate customers in full* for any fraud they suffered."
  I wonder if "full" is like "unlimited" data?
Re:I'm Sticking With TSB by Anonymous Coward · 2018-06-07 04:55 · Score: 0

Can't tell if you're trolling or just not very bright. The inconvenience you experienced may have been negligible, but there were business owners unable to pay their staff and suppliers in some cases for a week, and their inconvenience certainly wasn't negligible; that's before you even get to the victims of fraud that occurred as a result of this screw-up. Their product may be great otherwise (and I happen to be a reasonably happy customer myself), but that's no reason to underplay this epic screwup of theirs.
Re:I'm Sticking With TSB by Anonymous Coward · 2018-06-07 05:08 · Score: 0

Not only cashless, bankless. Bitcoin.
Re:I'm Sticking With TSB by Anonymous Coward · 2018-06-07 05:37 · Score: 0

Cash isn't going anywhere.
Re:I'm Sticking With TSB by Anonymous Coward · 2018-06-07 05:52 · Score: 0

It's going digital, to the blockchain.
dog bites man; contract law falls off turnip truck by epine · 2018-06-07 07:26 · Score: 1

Life savings have been stolen from TSB accounts ...
Dog bites man. Contract law falls off turnip truck. Learned-helplessness porn, FTW. You know, could you grab a brain, please?
How about this, instead?

Illicit transactions savage TSB bank balances, nominally wiping out the life savings of some customers, most of whom are now shitting themselves to have TSB man-up pronto and restore their legally correct bank balances, ASAP.
I'm sure there's a nasty time gap between pronto and ASAP, because numerical restitution needs to be performed with extreme competence and exactitude.
Of course, if TSB shit the bed all the way to insolvency, the collective "fix this—you dirt-licking mofo—pretty please, with sugar on top" shit-storm presages a nasty run.
Americans take note by Anonymous Coward · 2018-06-07 12:45 · Score: 0

The bank said it would compensate customers in full for any fraud they suffered.
THIS is the difference between banks in America and banks in most of the rest of the world.
In US, the bank would call this "Identity theft" and pass the loss to the customers. Why Americans tolerate that is a mystery to the rest of the world.
1. Re:Americans take note by terrycarlino · 2018-06-08 08:12 · Score: 1
  
  This just isn't true. In cases of identity theft the direct financial cost is almost always born by either the banks or the credit card companies.
  It is the indirect financial cost which is born by the victim. This typically is the inability to procure future loans due to erroneously damaged credit history caused by the thief. Civil problems due to fraudulent contracts signed by the thief which must be litigated and such.
  The direct financial cost is covered in the U.S..
Re:I'm Sticking With TSB by Anonymous Coward · 2018-06-08 04:16 · Score: 0

"While most banks now user's customers' money in complex investments via their investment bank divisions, TSB is back to basics banking - it accepts deposits from customers and loans that money out to other customers."
I bet you they insured against this hack using complex financial instruments, which is what allows them to compensate you in full.
Re:dog bites man; contract law falls off turnip tr by terrycarlino · 2018-06-08 08:07 · Score: 1

If anybody is keeping their 'life savings' in a bank they're doing it wrong. A bank is a place to keep working funds, not life savings. Anything you have in a bank is losing money to inflation. It's not working for you, it's working for the bank.