IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Tesco customers' passwords and email details leaked online

More than 2,000 of the supermarket giant's customers affected by online data leak.

Tesco store

Supermarket giant Tesco has deactivated more than 2,000 of its customers' online accounts after their personal details were published on text sharing site Pastebin.

The leaked details included the email addresses, plain text passwords and Tesco Clubcard point balances of 2,239 of the company's customers.

According to a report by the BBC, the data may have been pieced together by hackers using information lifted from other sites and cyber attacks.

It is thought the gleaned email addresses and passwords were then systematically used by hackers to try and access Tesco.com accounts.

In a small number of cases, the hackers are said to have stolen Clubcard points from customers too, which Tesco has agreed to reimburse.

In a statement on the Tesco Facebook page, the company said it was investigating the breach.

"We take the security of our customers' data extremely seriously and are urgently investigating these claims," a company spokesperson wrote.

"We are committed to ensuring that nobody misses out as a result of this. We will issue replacement vouchers to the very small number who are affected."

Trey Ford, global security strategist at security vendor Rapid 7, said the case highlights the perils of using the same login details across multiple online accounts.

"So far the information available indicates the impact of this has been relatively limited stolen vouchers but if attackers have tried this on Tesco.com, the chances are they are also trying it on other sites too and so we may see additional fallout," said Ford.

"This is [a lesson] in consumer behaviour people continue to reuse passwords and other credentials across multiple sites, making it easy for attackers to compromise them. It's essential to learn the lesson from this incident before the cost becomes greater," he added.

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download

Recommended

Tesco to pilot in-store flexible working spaces
flexible working

Tesco to pilot in-store flexible working spaces

12 May 2022
Apple, Google, Microsoft expand their support for password-less sign-ins
cyber security

Apple, Google, Microsoft expand their support for password-less sign-ins

6 May 2022
NordPass teams up with insurance provider Cowbell Cyber to improve security awareness
cyber security

NordPass teams up with insurance provider Cowbell Cyber to improve security awareness

18 Feb 2022
NCA donates 225 million passwords to Have I Been Pwned
cyber security

NCA donates 225 million passwords to Have I Been Pwned

21 Dec 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

7 Jun 2022
The top programming languages you need to learn for 2022
Careers & training

The top programming languages you need to learn for 2022

23 Jun 2022
Attracting and retaining talent through training
Sponsored

Attracting and retaining talent through training

13 Jun 2022