Tesco Clubcard data theft: has your account been accessed?

Rights, Scams and Politics

Updated on 03 March 2020 | 1 Comment

More than 600,000 Clubcard members to be sent new cards after their user name and passwords were stolen.

Hundreds of thousands of Tesco’s Clubcard holders may have had their vouchers stolen following a data attack by scammers.

The supermarket said it will be issuing around 620,000 members of the loyalty scheme with new cards.

Tesco stressed that it would be reimbursing anyone who has lost Clubcard points as a result of the attack.

How were accounts compromised?

The fraudsters were able to get hold of members’ usernames and passwords, and gain access to their accounts.

Tesco said that it believed the scammers had gotten their hands on a database of stolen usernames and passwords from other platforms, and then tried them on the Clubcard site to see if the same usernames and passwords had been used.

Boost your credit rating and earn Clubcard points with the Tesco Foundation credit card

Are your Clubcard points at risk?

Once the scammers were able to access the accounts, they would have been able to redeem vouchers using the points built up by the Clubcard members.

While members can use their points in store, they can trade them in for vouchers worth far more with partner retailers, covering everything from air miles to money off at certain cinemas.

A spokesperson for Tesco said they had discovered some “fraudulent activity” around the redemption of a “small proportion” of customers’ Clubcard vouchers.

They added: "We have strict security measures in place and our priority is protecting our customers.

"Our internal systems picked this up quickly and we immediately took steps to protect our customers and restrict access to their accounts.

"At no point was any customer's financial data accessed.”

How to boost your Tesco Clubcard points

What should I do now?

Tesco said it has contacted all of those Clubcard members who have been affected, explaining that they will be issued with new Clubcards.

As mentioned earlier, the supermarket has said that any points that have been stolen will be replaced.

It has also urged them to change their passwords.Even if you haven’t heard from Tesco, this is likely a good opportunity to review your own password setup.

While having the same username and password across a host of accounts is the simple option, it does expose you to the threat of having your loyalty points stolen ‒ or even worse ‒ should that information become compromised through hackers.

Where possible, having a unique username and password for each online account is safer.

For more, check out our guide on how to keep your account and personal information safe.

Watch out for follow up scammers!

As Tesco has confirmed it will be contacted hundreds of thousands of customers, and given the widespread media coverage, there's every chance that criminals will see this as another opportunity to steal your personal information.

So be wary of any emails asking you to follow a link and enter your details. Never click on any links from an unsolicited email and instead navigate your way to the Tesco site by searching for them in your browser of choice.

Comments

Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © lovemoney.com All rights reserved.