Tesco has blocked 620,000 Clubcard accounts and reissued loyalty cards after the supermarket uncovered a potential data breach.
Tesco said this activity may have been successful in some cases, the supermarket insisted no financial data was compromised and its systems were not hacked.
The retailer believes a database of stolen username and password combinations gathered from other platforms has been tested on its website.
It has now opted to issue new Clubcard numbers to customers who may have been affected by this fraudulent activity.
The company took ‘extra precaution’ after immediately blocking the accounts.
We are aware of some fraudulent activity around the redemption of a small proportion of our customers’ Clubcard vouchers,’ a Tesco spokeswoman said.
‘We have strict security measures in place and our priority is protecting our customers.
Our internal systems picked this up quickly and we immediately took steps to protect our customers and restrict access to their accounts.
At no point was any customer’s financial data accessed.
‘We believe that someone has stolen password/username combinations from other website(s) and used them to try to access Tesco sites – where customers used the same username and password.
‘We have asked customers affected to reset their passwords and are contacting customers whose Clubcard vouchers may have been affected to let them know that we will replace these vouchers and issue new Clubcards, as a precaution.
‘We are sorry for any inconvenience this may cause.’
Tesco has emailed those who were potentially affected by the ‘fraudulent activity’.
In the emails, Tesco reassured Clubcard customers that ‘points and vouchers will be transferred to your new Clubcard number and they won’t lose out on any value.