The UK’s biggest retailer Tesco has suspended more than 2,000 accounts after customer email addresses and passwords were published online by hackers.
It is believed that the data was compiled from non-Tesco websites and relied on the habit of some people using the same usernames and passwords for different websites.
The attack was used to steal Tesco Clubcard points from shoppers.
Tesco said in a statement: “We take the security of our customers’ data extremely seriously and are urgently investigating these claims.
“We are contacting all customers who may have been affected and are committed to ensuring that none of them miss out as a result of this.”
It follows high-profile intrusions at retailers Target and Neiman Marcus who were targeted by hackers as tens of millions of credit and debit card numbers from its servers were stolen.
Phil Beckett, managing director at Proven Legal Technologies commented: “ It is arguably more important to consider the loss of intellectual property as well as customers’ private data as this can really impact a company’s bottom line.”