Deliveroo customers have lost hundreds of pounds as their accounts with the instant delivery service were hacked, BBC One’s Watchdog will reveal tonight.
Deliveroo has changed the face of online retail and and is largely responbile for the emergence of what many call the “go economy”, but a growing number of customers have reportedly become a victim of fraud.
One pair of house mates from Southampton University lost £440 when hackers broke into their shared account and ordered masses of food to addresses all over London, some as far as 120 miles away from their home address.
The company failed to recognise the activity as fraudulent and Mary and Michael had to deactivate their bank cards in order to stop further orders being made.
“At 2:30am one morning we got a stream of emails saying that we had made various Deliveroo orders,” Mary told Watchdog.
“It’s been awful, they took nearly everything and then I’ve had to pretty much beg borrow and steal off fellow flatmates, friends and parents as well.”
They were subsequently reimbursed by the company 10 days after it was illegally taken.
READ MORE: Heineken now delivers to your door
Watchdog will also reveal other examples of customer’s details being hijacked and fraudulent orders being made.
Judith MacFadyen from Reading had £240 worth of food ordered from her account before cancelling her card, Steve Tappin was charged £98 for a delivery from a TGI Friday and Margaret Warner was reportedly charged £113.70 for food she never ordered.
Deliveroo refunded all those mentioned.
Speaking to Watchdog, internet security expert David McClelland said: “When we buy things online the more hoops we have to jump through to complete that purchase the more likely we are to go away and do something else instead.
“Deliveroo realises that – so tries to remove as many of the hoops as possible. However some of the hoops that Deliveroo are removing are there specifically for security purposes. So while it may be making it easier for us to place orders, it’s also making it easier for us to be defrauded.”
READ MORE: Groupon caught selling counterfeit goods
In response to the accusation that Deliveroo was not doing enough to protect customer details, a spokesperson from the company said: “We are aware of these cases raised by Watchdog – they involve stolen food, not credit card numbers.
“These issues occur when criminals use a password stolen from another service unrelated to our company in a major data breach.
“The stolen password is then used to fraudulently access someone’s account. This is why we urge customers to use strong and unique passwords for every service they use.
“On the rare occasions when fraud does occur, we work with customers to secure their account, reimburse them for fraudulent transactions and where appropriate work with the relevant authorities.”