ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Tesco Data Breach

tesco.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 2,239
Breach date 12 Feb 2014
Added to tracker 13 Feb 2014
Data classes 3

What happened

In February 2014, over 2,000 Tesco accounts with usernames, passwords and loyalty card balances appeared on Pastebin. Whilst the source of the breach is not clear, many confirmed the credentials were valid for Tesco and indeed they have a history of poor online security.

Exposed data

Email addresses Passwords Reward program balances

Recommended actions

  • Change your Tesco password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Tesco โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP