Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Scam of the Week – TSB IT Crisis

At the beginning of this week, over 1.9million TSB Bank customers had trouble accessing their accounts, with some without access to their app or services for days.

It all began when TSB announced on Twitter they would be upgrading their systems between 4pm Friday 20 April until 6pm Sunday 22April, in order to move customer data from Lloyds to a new IT system. During this scheduled downtime, TSB announced the unavailability of services for customers such as online banking and paying and transferring money However, by Tuesday 24 April some services were still unavailable, with the bank stating they were experiencing ‘intermittent issues’. In an attempt to solve this, TSB were forced to take all services offline.

Some customers even reported being able to access other’s people’s accounts, with a few having been accidently credited £13,000 after logging back in to their TSB account. One customer’s savings account showed a balance of minus £1.1m.

To make matters worse, cybercriminals saw an opportunity to take advantage of this downtime launching a widespread phishing campaign, bringing a crisis for TSB Bank.

On Monday TSB wrote in a tweet: “Customers have made us aware that they’re receiving emails and tweets claiming to be from TSB. We would never ask you for your security details such as PIN or full password and we would only contact you via social media from our official @TSB Twitter or official Facebook page.”

On Wednesday 2 May, TSB faced examination by MPs on the influential Treasury, with three of the bank’s chiefs having to give evidence to Parliament.

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

UK GDPR Series Available Now

Privacy is an ongoing concern for every organisation, however, the notion of consent isn’t without its complications. To help organisations navigate data protection protocols, we
Read More »

Seasonal Phishing Templates

Phishing is a year-round activity for cybercriminals, and just like retailers, they use seasonal events as an opportunity to cash in. Seasonal occasions, including St
Read More »

Request Demo

The personal information that you provide to us in this form will only ever be used by MetaCompliance (as the Data Controller) for the following specifically defined purposes:

  • email you content that you have requested from us
  • with your consent, occasionally email you with targeted information regarding our service offerings
  • continually honour any opt-out request you submit in the future
  • comply with any of our legal and/or regulatory obligations