Boots has suspended payments using loyalty points in-store and online after hackers tried to break into customers' accounts using stolen passwords.

Customers will not be able to use Boots Advantage Card points to pay for products while the issue is dealt with, according to BBC News.

The pharmacy chain stated that none of its own systems were compromised, but attackers had tried to access accounts with reused passwords from other sites.

The incident affected less than one per cent of the company's 14.4 million active Advantage Cards - fewer than 150,000 people - but Boots said it could not give an exact number as it was still dealing with the problem.

"We are writing to customers if we believe that their account has been affected, and if their Boots Advantage Card points have been used fraudulently we will, of course, replace them," the company said in a statement.

No credit card information had been accessed and customers can still earn points when making purchases.

The hack comes days after a similar issue hit 600,000 Tesco Clubcard holders. In that case, the supermarket chain told customers it believed that a compromised list of usernames and passwords had been used to try to gain access to its customers' accounts.

Nicky Whiting, head of consultancy at security firm Bulletproof, commented: “This attack really emphasises the need for users to be far more savvy about their passwords – the hackers simply used existing, known compromised accounts to access the information, knowing full well that a lot of people use the same password for all accounts.

“Users need to realise that if they want to protect their personal information, they need to take some responsibility and employ password best practices, e.g. separate passwords for each account, long passwords using three random words."

Boots said customers could reset their passwords online, recommending a unique password not used on other sites.

Share Story: