Tesco’s website restored after suspected cyberattack
UK supermarket giant Tesco has restored access to its website and app after an outage struck the service on Saturday, preventing customers from ordering or cancelling deliveries until Sunday evening.
In a statement to The Guardian, Tesco said that “an attempt was made to interfere with our systems, which caused problems with the search function on the site.”
The retailer, whose 1.3 million online orders per week account for nearly 15% of its UK sales, said there was no reason to believe the attempted interference impacted customer data.
Tesco confirmed on Sunday evening that its website and app were now restored, but that it was using a virtual waiting room to handle a backlog in orders.
“Our groceries website and app are back up and running. To help us manage the high volume we’re temporarily using a virtual waiting room. We’re really sorry for any inconvenience and thank you for your patience,” Tesco said on Twitter.
Tesco Bank was fined £16.4m by the UK’s Financial Conduct Authority (FCA) over a 2016 incident in which cyber attackers stole £2.26m from 9,000 customers. The FCA found multiple flaws in the design of its debit card system. For example, Tesco Bank inadvertently issued debit cards with sequential primary account numbers (PANs). The company was also criticised for its slow response to the fraudulent transactions.
Tesco grocery customers have complained about its handling of orders and cancellations during the website outage. Some customers said they were told on Saturday to cancel their orders, but subsequently were informed Tesco was unable to access or change any orders. Other customers reported on social media they were trying to beat the 11:45pm cut-off time to cancel orders after placing orders with rival supermarkets.
In the US, the FBI recently warned that the food and agriculture sector was increasingly the focus of ransomware attacks that threatened to disrupt the food supply chain. It followed an attack on global meatpacking business JBS, which paid the attackers $11 million to restore access to encrypted data.
Swedish grocery chain Coop was unable to take card payments at its stores for three days earlier this year after ransomware attackers targeted managed IT service providers via a tainted software update to Kaseya’s products.
Tesco last year reissued 600,000 Clubcard cards after discovering a security issue that allowed attackers to use credentials from other platforms on its own websites to redeem vouchers. An increasingly common attack is known as password spraying, where lists of commonly used passwords are used to gain access to other unrelated accounts.