Back in 2016, the cybersecurity of Tesco Bank was rigorously questioned, when hackers were able to gain access to 9,000 customers’ accounts and steal £2,500,000.
Tesco also suffered a further breach last week were they reportedly cancelled a number of credit cards over a ‘third-party compromise’.
There has now been another breach where it’s estimated 17,000 Tesco Travel Money customers are subject to this new and massive data protection breach which happened through Travelex – a company that runs services on behalf of Tesco.
Names and payment information are amongst the data that has reportedly been compromised
Tesco Travel Money data leak
The data of some 17,000 users is said to have been disclosed outside of the company, with affected victims reportedly being contacted by letter from Travelex. People who used the service between December 2016 and January 2017 are potentially affected, with the cause of the data breach being unknown.
According to information confirmed so far, leaked data may include:
- Full names
- Addresses
- Dates of birth
- Telephone numbers
- Email addresses
- IP addresses
- Emails between staff internally, and emails to and from customers
- Credit and debit card numbers.
It’s thought that the latter of the two listed above may have been partial information only.
Should Tesco Travelex customers be worried?
Information as to where the data leaked has gone remains uncertain. Ultimately, combinations of the type of data that has been breached in this leak, listed above, is enough for fraudsters and criminals to do some serious damage. As such, in terms of the nature of the data at the centre of this leak, we consider this to be a serious data protection breach.
Taking the example of the very serious 56 Dean Street Clinic leak that we dealt with, where the personal details of almost 800 HIV patients was leaked between the patients, it’s hard to know for sure that the data will never go any further than to those it was leaked to.
Ultimately, the safety of the data remains a concern; particularly given that the information as to where it has gone, and how, remains unknown.
On top of that, email addresses are being hacked all the time. All it takes is for one cyber-hacker to get into an email and find something useful – like a load of leaked data – to be able to do some serious damage.
Is fraud a worry?
You only need to look at the TalkTalk data breach to know that this is a massive worry. Fraudsters have been posing as TalkTalk staff and contacting customers off the back of their serious data hack for years, and fraudsters could theoretically do the same if they get hold off the data leaked in this case.
We will be keeping a close eye on the situation and monitoring developments.
Are you affected by the Tesco / Travelex data breach?
Feel free to contact us on 0800 634 7575 if you have received a letter from Tesco or Travelex to confirm your data has been leaked. We can assess if there is a potential case to answer.