Tesco App and Website Back Online After Cyber Incident

Tesco’s groceries app and website are back up after a weekend of disruption for customers following a suspected cyber-attack.

The UK’s largest supermarket chain received a barrage of complaints on social media over the past two days as angry customers found they couldn’t place or track orders or change existing ones online.

Some said this had caused significant problems as they were self-isolating at home, and switching brands would mean paying for their shopping all over again.

According to reports, the retailer’s app and website went down early on Saturday local time but was back up around midnight on Sunday.

A spokesperson blamed the incident on a third party but claimed customer data is not likely to have been affected.

“Since yesterday, we’ve been experiencing disruption to our online grocery website and app,” they said in a statement.

“An attempt was made to interfere with our systems which has caused problems with the search function on the site. We’re working hard to fully restore all services and apologize for the inconvenience.”

Dominic Trott, UK product manager at Orange Cyberdefense, argued that the online hit to Tesco may have cost the supermarket dear at a time when digital sales comprise an increasingly large share of revenue.

“Over the past 18 months, we have seen an increase in threats against large organizations as a result of changes to the network permitter due to the adoption of flexible and remote working,” he continued.

“Employees now hold far greater responsibility with regards to company security. Their endpoint devices – such as company laptops or phones, or personal devices they connect to the corporate network – are all potential gateways for cyber-criminals.”

Ed Macnair, CEO of Censornet, argued that customer data was the likely target for attackers despite Tesco's reassurances.

“A shopping trolley of data from Britain’s biggest supermarket is an attractive target,” he claimed. ““Hackers are looking for the weak link in the attack kill chain. It is why organizations need to urgently assess how their cyber-defenses can be more autonomous, more intelligent and better coordinated to best protect customer data.”

Tesco said it is using a virtual waiting room on the site at present to regulate high user demand.

What’s Hot on Infosecurity Magazine?