Tesco Bank cyberattack: £2.5m payout for 9,000 customers

Tesco Bank says it has resumed normal service for its customers after online transactions from current accounts were suspended because of a cyberattack.

About £2.5m has been paid back to approximately 9,000 customers who had money taken from their accounts without their permission.

Benny Higgins, the chief executive of Tesco Bank, has stressed that none of their customers' personal data was compromised.

British authorities are trying to find the "root cause" of the breach, with the financial regulator describing the theft as "unprecedented".

A cyber security expert has warned that small banks may be vulnerable to a cyberattack like that seen by Tesco Bank over the weekend.

Sergio Romanets, from Greyspark Partners in London, said smaller companies are often not as well protected as larger global institutions.

JP Morgan recently said it is spends about $600m (£484m) annually on cyber security - a figure other banks may struggle to match.

Mr Romanets added: "Many (smaller banks) have not invested properly in security measures and an incident like this should stimulate them to think again."

Tesco Bank, which has been owned by Tesco plc (Frankfurt: 852647 - news) since 2008, stopped online transactions from all current accounts on Monday after some accounts were targeted.

It is unclear how thieves broke into the bank, or how they stole the funds.

On Monday, Tesco Bank chief executive Benny Higgins told Sky News: "We live in an age where these kind of attacks, whilst they are not common, they do happen.

"Regardless of how much one invests in prevention, one is always ultimately vulnerable. It is impossible to be impregnable.

"We believe we have invested appropriately and the most important thing is that we are responding as well as possible."

There have been 75 attacks on financial institutions in Britain this year - up from just five in 2014.