UK's Tesco Supermarket App and Website DisruptedRetailer Says an Attempt Was Made to Interfere With Its Systems
Grocery retailer Tesco, in a tweet, said there had been a service disruption on its app and website. The U.K-based company told Information Security Media Group that the outage was likely due to an attempt to interfere with its systems.
See Also: Case Study: The Road to Zero Trust
On Monday, a company spokesperson told ISMG that both the website and app were now "back up and running," although some customers maintained that the issue persisted and voiced concerns over data loss.
According to Downdetector, which monitors status and outage information for websites and apps in real time, Tesco customers began reporting issues with the retailer's app and website in the early hours of Oct. 23. Seventy-three percent of the complaints came from Tesco's website users, while 23% came from the app customers, according to Downdetector's cumulative statistics. These figures remained in the same range over the weekend.
On Sunday, the retailer tweeted that it was "still experiencing disruption with our groceries website and app. We’re working hard to get things back to normal, and we're really sorry for the inconvenience."
The company's spokesperson told ISMG that the "disruption was the result of an attempt to interfere with our systems, which had caused problems with the search function on the site."
Issue Persists Despite Fix
While a Tesco spokesperson told ISMG on Monday that the retailer's "online grocery website and app are now back up and running," Downdetector's heat map shows that users have continued to report outages in the past 24 hours. Customers across the U.K. were affected, and those in London and Brighton were affected the most, according to the map.
The Tesco spokesperson did not comment on the extent of the disruption and the regions affected.
In response to a Tesco tweet announcing that the issue had been resolved, many customers commented that it was still unresolved.
Mark Robinson, a Downdetector subscriber, replied to the tweet: "Definitely [the Tesco services are] not up and running as I have just received the constant... there is an error please try later... message!!"
Tesco told ISMG that due to the need to "manage the initial flow of traffic back to the site, some customers may need to briefly enter a virtual 'waiting room,' before they can access the site. This is a planned measure, which we routinely use at peak times to ensure customers have a smooth experience on the site."
A separate tweet from a Tesco customer implies that the outage may also have led to data loss. According to the tweet, the platform's "favorites" and future orders data were lost during the outage and/or the subsequent restoration.
Tesco tells ISMG that it has "no reason to believe that the issue impacted customer data, but that it is taking "ongoing action to make sure all data stays safe."
While the retailer did not share any technical details of the outage with ISMG as the investigation is ongoing, Downdetector subscriber Alex Hooper, who claims to have an IT background, says "I personally believe what's happened in this instance is a DDoS attack."
Past Attacks on Tesco
Previously, the company's Scotland-based subsidiary Tesco Bank was the victim of a massive account fraud that began in June 2014, after bad actors opened fraudulent accounts in the bank. The bank detected the suspicious activity in November 2016 and blocked all online transactions tied to customers' current accounts after money was stolen from 20,000 such accounts (see: Tesco Bank Confirms Massive Account Fraud).
In 2018, the U.K.'s Financial Conduct Authority fined Tesco Bank 16 million pounds (approximately $21.3 million at the time) for failing to proactively deal with "foreseeable risks" in the incident, which led to hackers executing a successful online attack campaign (see: Tesco Bank Hit With £16 Million Fine Over Debit Card Fraud).