Tesco Clubcard fraud - online vouchers stolen

DougFlo

After having my account cleared out in December and the points reinstated. I wanted to use my points and I tried to order a Boost online.

The order crashed on order, so I went back to try again and because the vouchers were allocated to the previous order I could not use them.

I emailed Tesco and got a call the next day to say the vouchers had been released and I could reorder.

Now the fun!!!

Logged in tonight.

After the last breach:

I created an email address just for Tesco (not used for other accounts)

I used a password generator to create a unique password for Tesco and have not used this password anywhere else.

Amazingly £46 of my vouchers have been spent in Newbury over 200 miles from where I live on the same day I got the call for customer services.

How is this not an inside job?

Tesco have a massive problem!!

no1catman

DougFlo :


There may already be another email address linked to one of your CC No's!
Next time you contact them ask them to check your ".com" accounts - you may have more than one! And check the email address on each.

DougFlo

no1catman wrote: »

DougFlo :


There may already be another email address linked to one of your CC No's!
Next time you contact them ask them to check your ".com" accounts - you may have more than one! And check the email address on each.

Thanks I will ask but my login is a unique email and unique password.

How funny the day I contacted CS, the points are stolen again.

Even if another email address is linked somewhere, how can my generated password work with it?

I am convinced now that this is an inside job.

xlouise17x

Hey!

I have come across this thread as I have too been a victim of fraud.

My £150 vouchers had been used in January and February 2014. I only found out when I logged on my account and found they had been reissued. Called to find out an explanation and was told I could still use them - and avoiding the question of why....

Spoke to a team leader who spilled that the vouchers had been used by someone else illegally. Tesco had reissued the points about a week after they were used in January 2014, yet failed to notify me!

I am fuming as the majority of my accounts have the same email address and password so the hackers now have access to everything. If I was aware they had my password in January - I would have taken action to change my passwords then - not 3 months down the line!

Also, if they had notified me in the first instance, and made me change my password or put my account on hold; then the hackers wouldnt have used my £38 vouchers which came through on my February statement!

I see articles on this website from February 2013.... a year before my account was hacked - how come they haven't sorted it yet!!!!

Anyone succeeded with compensation? Anyone got legal advice? Was anyone notified that they had been subject to fraud?

I will fight hard for compensation as this is a joke!

Louise x

EtheAv8r

Sorry Louise but "....the majority of my accounts have the same email address and password...." is very bad practice - for the very reason you state - if another site gets compromised and you use the same credentials with other sites the you could be in dire straits!


Always use individual passwords (and complex ones) for every web logon. Use a password manager like LastPass - then you only need to create - and remember ONE password. I have completely gobbledygook password, and they are unique to each site but with LastPass I don't need to know what any of them are. Time to get changing them - particularly if they are social networking, email or financial sites.

catz747

Absolutely fuming. I believe it was February when our account was back to how it should have been from the first theft, except having all the vouchers in £50 denominations made redeeming against days out a little tricky. Went to buy something on direct to find again that someone had spent £50 somewhere last month despite having changed our password to something more secure. Awaiting Tesco response. Not sure why they left it this time though when last time we were cleared out.

wealdroam

xlouise17x wrote: »

Anyone succeeded with compensation?

I will fight hard for compensation as this is a joke!

Compensation for what?

What losses have you had... apart from those self-induced losses because you chose use the same password everywhere?

JAG

wealdroam wrote: »

Compensation for what?

What losses have you had... apart from those self-induced losses because you chose use the same password everywhere?

Have to agree that using same password for everywhere is asking for trouble.

However, I have read that this is still happening now. Tesco vouchers spent April 2014 stolen and printed from their online account, despite user having a unique alpha-numeric password just for Tesco.

Could of obtained the passwords from previous Tesco hack(s) or may have been from a new attack.

peachyprice

JAG wrote: »

Could of obtained the passwords from previous Tesco hack(s) or may have been from a new attack.

Or, even more likely, it's an inside job.

clare17

I was first alerted to my details being hacked when some vouchers appeared in the post with my husbands name plus another name on them. Looked into my account online and found that over £120 of vouchers had been used. On the plus side though, whoever had used them had been spending and earned me some vouchers. After some considerable time, Tesco refunded the vouchers onto my account but I had to track them carefully as they didn't refund all of them initially despite a lot of emails and phone calls to them. I immediately changed all of my security - I have never had the same or similar passwords for anything - and lo and behold it has happened again to the tune of £150. Tesco say they have refunded, but the refund doesn't appear online immediately so will have to wait until May to check they have re-appeared. So no matter how careful you are with your passwords it still keeps happening!!I'm going to shop in ASDA!