Codified Security was featured in a Financial Times article on the £2.5m Tesco Bank hack with comments from CEO Martin Alderson.
Earlier this year, Codified Security’s researchers found a number of vulnerabilities that could be used to hack Tesco’s customers and Tesco’s digital infrastructure. Codified Security tried to reach out to Tesco multiple times, including contacting members of their technology, finance, and investor relations teams.
The Tesco apps had a range of vulnerabilities that could give hackers a number of ways to execute attacks to steal sensitive information from their customers, including credit card details and passwords, or steal data from Tesco.
Tesco ignored our warnings regarding the vulnerabilities in their mobile apps that were missed in spite of having“a first class team working around the clock”.
A piece in The Register also indicated that the vulnerabilities in Tesco’s mobile apps were a potential cause of the hack. Tesco still claims that “No customer data were lost. None of our systems were breached. This was a highly sophisticated attack on our systems and we responded very quickly.”
For more information or comment please contact [email protected]