Tesco has suffered a major security incident after the usernames and passwords of some customers’ online accounts were posted online.
The spillage affected around 2,200 Tesco.com accounts, according to the BBC, and the details were posted on a well-trafficked text sharing portal.
Apparently the data hadn’t been leaked from the supermarket giant itself, but cyber-ne’er-do-wells had put it together using details purloined from other data breaches at various websites – relying on the fact that many users unwisely employ the same usernames and passwords across multiple logins.
Tesco took swift action, though, and temporarily suspended the accounts of those who had been affected. The only damage done seems to have been a small number of customers who had their store vouchers nicked.
Tesco issued a statement to say: “We have contacted all customers who may have been affected and are committed to ensuring that none of them miss out as a result of this.”
“We will issue replacement vouchers to the very small number who are affected,” the supermarket added.
This is yet another lesson in the password security saga – you should never reuse the same password at different sites. If you have trouble remembering multiple passwords, then get yourself a password manager – we’ve rounded up the best password management software for you here.