Boots suspends payments using loyalty points after a cyber attack on almost 150,000 of its customers’ accounts.
It all started when the company’s IT security team spotted “unusual” activity on a number of Boots Advantage Card accounts with the aim of accessing and spending the points, with the issue affected less than 1% of the company’s 14.4 million active Advantage Card users – around 150,000 people.
Boots said In a statement: “Our customers’ safety and security online is very important to us.
“We can confirm we are writing to a small number of our customers to tell them that we have seen fraudulent attempts to access boots.com accounts.
“These attempts can be successful if people use the same email and password details on multiple accounts.
“We would like to reassure our customers that these details were not obtained from Boots. We are aware that other organisations may be impacted too.”
The statement added: “As an extra precaution we have temporarily stopped payment by Boots Advantage Card points on boots.com or in-store.
“This removes the ability for people to attempt to access any Boots accounts but means that customers will not be able to use Boots Advantage Card points to pay for products in-store and online for a short period of time.
To help protect online accounts we strongly recommend using different passwords for each site used.
“We are writing to customers if we believe that their account has been affected, and if their Boots Advantage Card points have been used fraudulently we will, of course, replace them.
“We currently believe that this will only affect a tiny percentage of cardholders and we would like to reassure customers that credit card information cannot be accessed. To help protect online accounts we strongly recommend using different passwords for each site used.”