40,000 Accounts of Top UK Bank Breached, China Approves Cyber Law to Counter Threats
China adopts a controversial cyber security law as about 40,000 accounts of a top British bank are reported to have seen suspicious transactions over the weekend.
Around 40,000 accounts of a top British bank have reportedly observed suspicious transactions over the past weekend, with money withdrawn from 20,000 accounts over a 24 hour period.
Meanwhile, China has adopted new cyber security measures “to counter growing threats such as hacking and terrorism.”
Tesco Bank has halted online payments for current account customers, in response to the hackings, and the bank's Chief Executive Benny Higgins told the BBC he was "very hopeful" customers would be refunded the money within 24 hours.
There have been complaints about money being withdrawn without permission, cards being blocked and long delays in contacting the bank via phone. Customers will not be able to make online transactions until the situation is back under control, which may take up to 48 hours.
A security consultant who has worked with Europol, Prof Alan Woodward, said this would be an unprecedented breach of a British bank, as he has never heard of an attack of this nature or scale within the UK, particularly whereby it appears that the bank's central system is the target.
Tesco has not used the word "hacking" to describe the breach, but accepts responsibility for any financial loss that may result from the fraud. Shares in the bank, which has more than seven million customer accounts and 4,000 staff across Edinburgh, Glasgow and Newcastle, has fallen by more than one percent in early trading.
There are suggestions that as a result of the breach, the damage to the trust held in Tesco Bank, and online banking in general, will be greater than the financial cost.
The National Crime Agency (NCA) and the UK's data regulator, the Information Commissioner's Office, are looking into the case.
Chinese Cyber Security Law
Beijing says its proposed legislation, set to take effect in June 2017, is to counter growing threats such as hacking and terrorism and an "objective need" of China as a major Internet power.
Though critics suggest the law will enhance restrictions on China's Internet, already subject to the world's most sophisticated online censorship mechanism, an official of the Chinese Congress, Yang Heqing, told the press that as one of the countries faced with the greatest Internet related security risks, China needs to establish and perfect network security legal systems.
According to Reuters, some of the contentious provisions in the final draft of the law include requirements for "critical information infrastructure operators" to store personal information and important business data in China, provide unspecified "technical support" to security agencies, and pass national security reviews.
Over 40 global business groups petitioned Chinese Premier Li Keqiang in August for an amendment of the controversial sections. Some of the companies fear they would have to hand over intellectual property or open back doors within products in order to operate in China's market.
Director of the Cyberspace Administration of China's cyber security coordination bureau, Zhao Zeliang, told reporters that every article in the law accorded with rules of international trade