The good news for Tesco and other bank customers is their money is protected under the Financial Services Compensation Scheme (FSCS), but that's no reason for lax security.
So how can you stay safe while still enjoying the advantages and benefits of online banking?
1. Change your password regularly
We all know how important it is to have strong security for online profiles, but 'password' and '123456' are still the most common passwords.
Make sure your online banking password is strong, using upper and lower case letters, numbers and symbols.
If you use mobile apps or contactless payments like Apple or Android pay, make sure your phone or tablet is protected with a pin number or other security measure. And make sure you always properly log out. Just closing the app or webpage might not be enough.
2. Don't fall for Phish
Hackers don't have to crack your password to get into your account. Sometimes you can do the hard work for them. Spoof emails (supposedly from your bank) encourage people to click links and visit fake websites, allowing fraudsters to steal your details.
Never click links in emails claiming to be from your bank. Always go directly to the banks website.
And if in doubt, contact your bank, making sure you call the contact number your bank gave you, rather than just redialling. And obviously never give out personal information like passwords and pin numbers.
3. Stay secure
Mobile banking and phone-based payments mean it has become common for people to manage their money on the move. But this has brought its own problems.
Avoid using public Wi-fi for online banking or purchases, because it is difficult to tell if the network is secure or not.
In fact, standard 3G and 4G mobile data signal are often the best to use, even if they are a bit slower, according to GetSafeOnline.org.
What to do if you're a victim
With all the best will in the world it is difficult to stay completely safe and if you see suspicious activity, or payments you don't recognise, then contact your bank immediately.
The good news is, if you really have been the victim of identity theft, or hacking, your bank will refund your money. However, the bank might investigate your claim, which can delay the repayment.
If the bank decides you have been negligent, for example telling someone your pin number or giving out your personal details, then you might not get your money back.
If your bank rejects your claim you can make a complaint to the Financial Ombudsman Service.
This article is provided by the Money Advice Service.