Retail giant Tesco has issued a warning to its 600,000 Clubcard account holders after discovering a security issue that threatened users.
Tesco issued a security warning to its Clubcard holders saying it believed there were attempts to use a database of stolen usernames and passwords from other platforms on its websites and some may have been successful.
However, the supermarket firm assured that no financial data was accessed and its systems have not been hacked. The company will be issuing new cards as a precautionary measure and apologized for the inconvenience.
A Tesco spokesperson said: "We are aware of some fraudulent activity around the redemption of a small proportion of our customers' Clubcard vouchers. Our internal systems picked this up quickly and we immediately took steps to protect our customers and restrict access to their accounts."
Tesco said it has sent emails to everyone who were potentially affected, and added that nobody would lose their points and new vouchers would also be issued.
An IT worker who received the email said: "The email was very ambiguous. I thought it was because I'd just used a new bank card. I didn't realize it was actually my account details that could have been compromised."
"It worried me - I feel better now it's been clarified," he added.
Other who received the email took to social media and humorously questioned how much their points would actually be worth to a hacker. Tesco's loyalty scheme in the UK offers one point for every pound spent in store and every 100 points are worth £1.
However, Jake Moore, cyber-security specialist at the firm Eset, explained that a lot of people still use simple passwords or similar log-ins for many different platforms. Moore said: "Cyber-criminals can do a lot of damage with a large breached list simply containing names and emails or other trivial data."
"The big risk is via brute force attacking the accounts where criminals use leaked common password combinations against the emails to try to break into other personal accounts," he added.
