The UK Tesco Bank was hacked over the weekend. This is a small independent bank that operates partly through its grocery stores. The scale and speed of this attack is such that some experts think that it was via access at admin level, although it seems that only current accounts were affected.
From the BBC website :
Tesco Bank has halted online payments for current account customers after money was taken from 20,000 accounts. The bank's chief executive Benny Higgins told the BBC he was "very hopeful" customers would be refunded within 24 hours. About 40,000 accounts saw suspicious transactions over the weekend, of which half had money taken, he said.
I have an account myself, but I checked this morning and have lost nothing.
(Score: 0) by Anonymous Coward on Tuesday November 08 2016, @04:53PM
> My online banking has an authorisation device, like a calculator you can plug your card in, enter your pin and you get a hash code to authorise payments. (By payments I mean standing orders and direct debits)
That is two-factor authentication. You need to have
Factor 1. a password
Factor 2. a credit/debit card and PIN
One might argue it is 3 factor as you need the PIN and card. I believe the calculator thingy is not tagged to a particular card so this is not a "factor".
(Score: 2) by Wootery on Wednesday November 09 2016, @08:45AM
I suspect you didn't read to the end of the comment. Webweasel isn't denying that:
The only place for 2fa is in your online banking portal setting up new transfers. NOT on websites taking credit/debit cards.