Incident: Tesco's Website and App Hacked, Causing Online Shopping Disruption.

Published Date: 2021-10-25

Postmortem Analysis
Timeline 1. The software failure incident at Tesco's website and app due to a hack occurred over the weekend, starting on Saturday morning and continuing into Sunday [Article 120025]. Therefore, the estimated timeline for the software failure incident at Tesco's website and app would be: - Month: October - Year: 2021
System 1. Tesco's website and app [120025]
Responsible Organization 1. The hack that caused the software failure incident on Tesco's website and app was carried out by external malicious entities [Article 120025].
Impacted Organization 1. Customers of Tesco were impacted by the software failure incident as they were unable to shop online, book deliveries, or amend existing orders [Article 120025].
Software Causes 1. Hack attempt to interfere with Tesco's systems [Article 120025]
Non-software Causes 1. Attempted interference with Tesco's systems [Article 120025] 2. Cyber-attack on Tesco's website and app [Article 120025]
Impacts 1. Thousands of customers were unable to shop online at Tesco over the weekend, as they couldn't book deliveries or amend existing orders [120025]. 2. Customers experienced inconvenience and frustration due to the outage, prompting a flood of queries to Tesco and complaints on social media platforms like Twitter [120025]. 3. Tesco had to implement a virtual waiting room to manage the initial flow of traffic on their website and app, potentially causing delays for customers trying to access the site [120025]. 4. The incident highlighted the vulnerability of Tesco's systems to hacking attempts, raising concerns about the security of customer data [120025]. 5. Previous hacking incidents in 2014 and 2016 resulted in the suspension of online customer accounts and financial losses for Tesco, indicating a history of cybersecurity challenges for the company [120025].
Preventions 1. Implementing robust cybersecurity measures such as regular security audits, penetration testing, and intrusion detection systems could have prevented the hack on Tesco's website and app [120025]. 2. Enhancing employee cybersecurity awareness and training to recognize and respond to potential security threats could have helped prevent the hack incident [120025]. 3. Utilizing multi-factor authentication for customer accounts could have added an extra layer of security to prevent unauthorized access and potential hacks [unknown].
Fixes 1. Implementing stronger cybersecurity measures to prevent future hacking attempts [120025] 2. Conducting regular security audits and updates to ensure the system is protected against vulnerabilities [120025] 3. Enhancing incident response protocols to quickly detect and mitigate any potential breaches in the future [120025]
References 1. Tesco spokesperson [Article 120025] 2. Tesco customers (via Twitter) [Article 120025]

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization (a) The software failure incident has happened again at one_organization: - Tesco experienced a hack in 2014 where online customer accounts were suspended due to details being posted online, and a separate attack on Tesco's banking arm resulted in a loss of £2.5m two years later [Article 120025]. (b) The software failure incident has happened again at multiple_organization: - The article does not mention any other organizations experiencing a similar incident.
Phase (Design/Operation) design, operation (a) The software failure incident at Tesco, where their website and app were hacked, leading to thousands of customers being unable to shop online, can be attributed to a design-related failure. The hack was described as an attempt to interfere with Tesco's systems, indicating that the contributing factors were introduced during the system development or updates [Article 120025]. (b) Additionally, the software failure incident can also be linked to an operation-related failure. The outage caused by the hack resulted in customers being unable to book deliveries or amend existing orders, showcasing how the operation of the system was impacted by the incident [Article 120025].
Boundary (Internal/External) within_system (a) within_system: The software failure incident at Tesco's website and app was due to a hack, which was an attempt to interfere with its systems [120025]. The outage was caused by factors originating from within the system, specifically the security breach that led to the disruption in service.
Nature (Human/Non-human) non-human_actions (a) The software failure incident at Tesco was due to non-human actions, specifically a hack that interfered with the systems, leading to an outage on the website and app [120025]. The hack resulted in customers being unable to shop online, book deliveries, or amend existing orders over the weekend. Tesco's teams worked to restore service, and the company mentioned that there was no reason to believe customer data was affected. Additionally, the outage prompted the implementation of a virtual waiting room to manage the initial flow of traffic on the site during peak shopping times.
Dimension (Hardware/Software) software (a) The software failure incident reported in Article 120025 was due to a hack, which is a contributing factor originating in external sources rather than hardware. The incident involved an attempt to interfere with Tesco's systems, leading to an outage on their website and app, affecting customers' ability to shop online. The hack resulted in customers being unable to book deliveries or amend existing orders, prompting Tesco to implement measures like a virtual waiting room to manage traffic flow. Additionally, the article mentions that there was no reason to believe customer data was affected, indicating that the issue was more related to external interference rather than hardware failure.
Objective (Malicious/Non-malicious) malicious (a) The software failure incident at Tesco's website and app was malicious in nature. The outage was caused by a hack, where there was an attempt to interfere with the systems, leaving thousands of customers unable to shop online over the weekend [Article 120025]. This indicates that the failure was due to contributing factors introduced by humans with the intent to harm the system.
Intent (Poor/Accidental Decisions) unknown (a) The intent of the software failure incident: - The software failure incident at Tesco's website and app was due to a hack, indicating an intentional attempt to interfere with the systems [Article 120025].
Capability (Incompetence/Accidental) development_incompetence (a) The software failure incident at Tesco's website and app was due to a hack, which left thousands of customers unable to shop online over the weekend. The outage was caused by an attempt to interfere with Tesco's systems, indicating a security breach that exploited vulnerabilities in the software. This can be attributed to development incompetence as the hackers took advantage of weaknesses in the system that should have been addressed by the development team to prevent such attacks [Article 120025]. (b) The software failure incident was not accidental but rather a deliberate hack aimed at disrupting Tesco's online services. The spokesperson mentioned that the outage was due to an attempt to interfere with the systems, indicating a targeted attack rather than an accidental glitch or error. This deliberate interference points towards malicious intent rather than accidental factors contributing to the software failure incident [Article 120025].
Duration temporary (a) The software failure incident described in Article 120025 was temporary. The Tesco website and app were down over the weekend due to a hack, but the issue was resolved, and the services were back up and running by Sunday night. The outage lasted for a limited period, indicating a temporary failure [120025].
Behaviour crash (a) crash: The software failure incident in Article 120025 can be categorized as a crash. The Tesco website and app experienced an outage due to a hack, which left thousands of customers unable to shop online. This resulted in the system losing its state and not performing its intended functions, such as customers being unable to book deliveries or amend existing orders [120025].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence property, delay (d) property: People's material goods, money, or data was impacted due to the software failure The software failure incident at Tesco's website and app due to a hack left thousands of customers unable to shop online, affecting their ability to book deliveries or amend existing orders [Article 120025]. While the article mentions that there was no reason to believe customer data was affected, it highlights a previous incident in 2014 where Tesco was hacked, resulting in the suspension of online customer accounts after details of more than 2,000, including passwords, were posted online. Additionally, a separate attack on Tesco's banking arm resulted in the loss of £2.5m two years later. These incidents indicate that people's material goods, money, or data were impacted due to the software failure.
Domain sales, finance (a) The failed system was related to the sales industry as it affected Tesco's website and app, preventing thousands of customers from shopping online [Article 120025]. (h) Additionally, the incident involved Tesco, a major supermarket chain, which operates in the finance industry through its banking arm [Article 120025]. (m) The incident also highlighted the issue of cyber-attacks, which are a concern for many companies and organizations worldwide, indicating a broader impact beyond specific industries [Article 120025].

Sources

Back to List