Tesco Clubcard holders warned of major security issue - what to do if you're affected
Tesco has issued new cards to 600,000 members of its Clubcard loyalty scheme after discovering some accounts had been compromised.
The supermarket chain said attackers attempted to gain access to Clubcard accounts using a database of credentials stolen from other platforms.
Tesco says all Clubcard members potentially affected by the incident have been informed via email.
Although the hackers were thought to have had some success, no financial information was exposed in the incident and Tesco’s systems have not been attacked, the company added.
Tesco’s loyalty scheme offers members one point for every pound spent, and every 100 points earned is worth £1 in in-store credit.
Although attackers gained access to the credit accrued by some account holders, Tesco said no Clubcard points will be lost and new vouchers will be issued.
Members set to receive new Clubcards as a result of the incident can continue to collect points online and in-store using their existing cards.
“We are aware of some fraudulent activity around the redemption of a small proportion of our customers' Clubcard vouchers,” said a Tesco spokesperson.
“Our internal systems picked this up quickly and we immediately took steps to protect our customers and restrict access to their accounts.”
According to Chris Miller, Regional Director UK&I at RSA Security, incidents of this kind are exacerbated by users’ reliance on identical log-ins for multiple platforms.
“Authentication continues to be a balancing act between security and convenience and organisations must continue to look for convenient yet secure ways to make access as easy as possible for the user,” he told TechRadar Pro.
“From the end-user's perspective, it is really important not to use the same password for multiple accounts...After all, if attackers have tried to log into Tesco Clubcard with stolen credentials, in all likelihood they'll be trying the credentials on other sites too.”
Tesco has advised Clubcard members to get in contact on 0800 591 688 with any additional queries related to the incident.
Industry: Cyber Security
- Outside IR35 Contract- SC / DV - Cloud / VMware Solution Architect
- Outside IR35
Solution Architect Contract - with active Security Clearance needed for Outside IR35 Contract London. SC / DV (must be willing to undergo DV) 6 month rolling Immediate Experience delivering technical Security Architecture design / assurance of security design. Specific experience with Cloud and VMWARE technologies Cross domain experience desirable HLD / LLD Current SC Clearance a must. London 3 days a week Immediately interviewing.
- Contract Night Shift Senior SOC Analyst | Microsoft Defender | Outside IR35
- United Kingdom
- Outside IR35
Contract Night Shift Senior SOC Analyst | Microsoft Defender / Sentinel | Outside IR35 Looking for an experienced SOC analyst to cover a night shift SOC operation. Level 2 technical Analyst. You must have current hands on technical experience with Microsoft defender / Sentinel within a customer facing SOC environment. This is a UK based position.
- DV Cleared CyberArk Consultant- Contract
- City of London
- Upto £700 per day
CyberArk Consultant is needed to be responsible for leading the deployment of CyberArk solutions for this Secure government site You will work with customer, helping to create CyberArk Strategic Roadmaps, on-boarding accounts, product and process integration into the CyberArk Solution and Proviso of Installation and technical Documentation. We are looking for this individual to have experience in: In CyberArk deployment, and ideally leady the deployment both strategically and also technically for this project we need the consultant to hold current DV cleared status For the right individual this could be a long term project.
- CyberSecurity Portfolio manager
- upto €60,000 plus benefits
A cybersecurity rockstar with a strategic mind and a passion for building winning solutions, is required to craft a cutting-edge security portfolio for an expanding IT Services business , with the aim to develop solution & services that will protect their customers business. this role will involve, develop & implement security strategies, manage the portfolio, drive sales, and collaborate with teams across the globe. we are looking for someone with experience in managing and building a cybersecurity portfolio of service a knack for building relationships & leading diverse teams Strategic vision & the ability to translate it into action strong communication & collaboration skills