Tesco Bank is facing a fine or up to £30 million over the cyber attack in 2016 in which the accounts of at least 40,000 customers were compromised - with money stolen from 20,000 of them.
The November 2016 cyber attack was one of the most serious ever on a UK retail bank, with some customers seeing as much as £2,000 siphoned off from their accounts by the attackers.
Tesco Bank shut down online transactions for two days in response and had to pay back around £2.5 million to customers.
On top of that, the Financial Conduct Authority (FCA) is threatening to levy a hefty fine on the Bank of up to £30 million, according to Sky News. This will be the largest penalty it's ever handed out.
This comes after a FCA probe looked into whether Tesco Bank had left its customers exposed to fraud because it had issued sequential debit-card numbers, a practice most lenders avoid as it makes it easier for hackers to guess expiry dates and security codes.
Tesco Bank was also criticised for its response to the attack, with customers' complaining that they were kept on hold for hours and received no communication from the company.
However, the Bank is contesting the scale of the FCA's proposed fine, according to a legal source speaking to Sky News, and is said to be in active negotiations with the watchdog in a bid to lessen the size of its punishment.
A "substantially lower" sum could be agreed within the next few weeks, according to the source.
At the time of the attacks a data protection lawyer, who asked not to be named, told V3's sister website Computing that Tesco could be on the hook for a fine of more than £1.9 billion if the compromise had occurred under the EU's General Data Protection Regulations.
At the time of the attack, the Information Commissioner's Office (ICO) confirmed it would also be investigating the company.
"The law requires organisations to have appropriate measures in place to keep people's personal data secure. Where there's a suggestion that hasn't happened, the ICO can investigate and enforce if necessary," it said.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago