The Independent's journalism is supported by our readers. When you purchase through links on our site, we may earn commission.
Boots halt Advantage Card payments after cyber attack on 150,000 customer accounts
High street chain says no personal details were obtained
Boots has suspended payments using loyalty points following a cyber attack on 150,000 customer accounts.
The company has stated that its security team noticed “unusual” activity on a number of Boots Advantage Card accounts, which it believed was scammers attempting to access and spend customer points through the loyalty card system.
The issue is said to have affected less than one per cent of the company's 14.4 million active Advantage Card users, which equates to around 150,000 people.
The high street chain added that none of its systems was compromised in the attack but that it had suspended payments using the cards while the problem is being dealt with.
“Our customers' safety and security online is very important to us,” the company said in a statement.
“We can confirm we are writing to a small number of our customers to tell them that we have seen fraudulent attempts to access boots.com accounts.”
The statement added that such cyber attacks are often successful if people use the same email and passwords on multiple accounts, before recommending that customers use different details for each site used.
“As an extra precaution we have temporarily stopped payment by Boots Advantage Card points on boots.com or in store,” the company continued.
"This removes the ability for people to attempt to access any Boots accounts, but means that customers will not be able to use Boots Advantage Card points to pay for products in store and online for a short period of time.
The worst high street shops 2019
Show all 9“We are writing to customers if we believe that their account has been affected, and if their Boots Advantage Card points have been used fraudulently we will, of course, replace them.”
The security breach comes days after Tesco reported a similar cyber attack which affected 600,000 Tesco Clubcard holders.
The supermarket stated that fraudsters had attempted to access the accounts of shoppers using lists of stolen username and password combinations from other sites.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies