We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
Sainsburys online security - warning!
AJMurrayUK
Posts: 2 Newbie
Would like to share my experiences with Sainsburys following their disappointingly cursory response to some material failings in their IT security policies.
My Sainsburys account was compromised, and the new owner changes the email address, phone number and delivery address for the account, and managed to place an order with no queries or checks from Sainsburys.
Their response was that they did not think they were responsible for the account being compromised (which I will believe) and that I'd need to follow up with the credit card company to refund the payment.
Any half-decent security policy would require some verification if so many material details change on an account. For example, if I enter a new delivery address for Amazon it will ask me for the CVV2 code. This is basic IT security, not rocket science.
Such a blatant disregard for basic information security is shocking in a major UK retailer. I now use Morrisons after many years of being a Sainsburys customer.
Regards,
Andrew
My Sainsburys account was compromised, and the new owner changes the email address, phone number and delivery address for the account, and managed to place an order with no queries or checks from Sainsburys.
Their response was that they did not think they were responsible for the account being compromised (which I will believe) and that I'd need to follow up with the credit card company to refund the payment.
Any half-decent security policy would require some verification if so many material details change on an account. For example, if I enter a new delivery address for Amazon it will ask me for the CVV2 code. This is basic IT security, not rocket science.
Such a blatant disregard for basic information security is shocking in a major UK retailer. I now use Morrisons after many years of being a Sainsburys customer.
Regards,
Andrew
0
Comments
-
I agree. It should email you if the email address is changed and provide a way to reverse it easily within a given time frame. The first thing a hacker does is change your email, the second thing they do is change the password to prevent you accessing in case you are logged in currently and see the change. This is such a common and well known issue in consumer IT security all online systems should protect against it
Never , ever, share passwords across accounts. They get into one, they try same email/pass on - Netflix, Amazon, Ebay, FAcebook, Online bank #1, [add top 1000 consumer sites here]. And its automated and happens in minutes.The greatest prediction of your future is your daily actions.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 349.9K Banking & Borrowing
- 252.7K Reduce Debt & Boost Income
- 453.1K Spending & Discounts
- 242.9K Work, Benefits & Business
- 619.7K Mortgages, Homes & Bills
- 176.4K Life & Family
- 255.8K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards