Thousands of Tesco.com Accounts Had Credentials Shared Online

TescoTesco has deactivated some customers' net accounts after their login names and passwords were shared online. The list of more than 2,000 Tesco.com accounts was posted to a popular text-sharing site earlier on Thursday. The supermarket giant said the data had been compiled by hackers using details stolen from other sites. A small number of people contacted by the BBC via the email addresses given on the list confirmed their accounts had now been deactivated. All those contacted said their login details were correct and one added the attackers had used them to steal store vouchers. Tesco said it was "urgently investigating" the appearance of the data. It is thought the list was drawn up by attackers who combed through data stolen in other high-profile security breaches. Password and email combinations seen in those large breaches were then tried on the Tesco site and resulted in 2,239 hits where the same credentials were used. Read the full story at BBC.