Except all the examples used in that article are from Tesco, including the tweet, not Tesco Bank which uses a completely different security model. Pretty basic oversight by the author.
And Tesco Bank have never used email as a channel for online banking security either. Another basic oversight.
There is another tweet where a customer claims the bank emailed him his password, turns out in that instance the customer used their password as their security word for Bank communications I.e. the word that will be included in electronic correspondence to identify it is from the bank. Although I believe they only do that on the credit card side if things.
Biting the hand that feeds IT
