Tesco’s website may be back up and running but the potential hack has not only affected its services but may have dented its reputation, says Garry Brown of cyber security specialists, Bondgate IT.
Britain’s biggest supermarket said its website crashed on Saturday after what it described as attempts “to interfere with our systems” – with customers unable to order goods and track deliveries.
Garry Brown, who is managing director of the Darlington-headquartered IT firm, said: “Many businesses measure potential cyberattacks in terms of lost revenue and in the cost of restoring their systems, but there is also an unqualifiable cost in terms of customer confidence and any reputational effect.
“There is no reason to believe that any sensitive data has been compromised in this case, but Tesco’s customers have certainly expressed concern.”
Tesco, which has 6.5m app users and whose online sales rocketed to £6.3bn during 2021/22, said its teams had worked around the clock to restore the service.
Shoppers have been requesting further information but the multi-national has said: “There is no reason to believe this issue impacts customer data and we continue to take ongoing action to make sure all data stays safe.”
Garry added: “Any likely cyber security attack on a big well-known multi-national company tends to grab the headlines.
“However, it is just as relevant to smaller business and organisations, as most attacks on UK businesses are directed towards smaller businesses. In fact, two thirds of businesses employing between 10 and 49 employees have suffered some type of cyberattack.
“While no one solution can prevent such an attack, it is vital to adopt a multi-layered approach to IT security – everything from effective security patch management to updating legacy security tools and raising awareness among employees of good IT security practices.
“Businesses of any size need to make IT security a top priority to prevent attacks happening in the first place and, if the worst should happen, they are quickly detected, and any effects mitigated.”
In March 2020, Tesco said it was issuing new Clubcards to 600,000 people after it believed a database of stolen usernames and passwords from other sites were tried on its site, with some success. However, it stressed that no financial data was accessed, and its systems were not hacked.