Passwords at Tesco Not The Issue

It seems almost ironic that just the other day I was ranting about Tesco’s seemingly mediocre approach to password security, and today we hear that Tesco online store ‘is infiltrated by insider card fraudster’.

Customers shopping at Britain’s biggest Internet store — Tesco Direct — are feared to have had their card details stolen by a company insider.

The security breach is allegedly linked to a worker who handled phone orders for items advertised on the Tesco Direct website and the related store catalogue.

Now, if a call centre worker has access to those details and enough information to use them for his or her own gain without the need for any criminal record checks or other vetting, why are we bothering with passwords at all? I might as well start handing out my card information on the street.

(Thank you Louise for sending this to me..)

9 comments so far

  1. Rachel said:
    On 24 Nov at 7:02 pm

    That sort of thing always amazes me…when you bring up something then a day or two later it’s mentioned on it’s own. …And am I really the first commenter?

  2. Lucia said:
    On 24 Nov at 7:08 pm

    I was reading that with mum an hour ago, good thing we actually go to the store instead of shopping online. Mum doesn’t really trust online ordering, turns out she was right!

  3. Louise said:
    On 24 Nov at 7:09 pm

    It does amaze me though how stupid Tesco are about it all. With all this fraud that’s going on and the government losing 25m peoples confidential details, would’ve thought them to be at least stepped up their security. You’re welcome Jem. :)

  4. Carly said:
    On 24 Nov at 7:55 pm

    Haha, that’s very odd… me and my Mum were chatting about things that happen like this: like when something happens in Eastenders that’s been happening in our family…etc.. (Not that I’m sleeping with my Husband’s Dad and the evidence is on our wedding video tape or anything like that.) But if you do fancy randomly handing out your credit card details, you know my email address… I’ll spend some of your hard earned money, hehe.

  5. Chans said:
    On 24 Nov at 9:36 pm

    Nice going for Tesco’s. Seriously that is -of course- ridiculous, in most companies you are screened before you get hired, even if it’s just a normal job that doesn’t have anything to do with security or secure information. So why didn’t Tesco’s do this with their employees that are expected to handle these details. Oh and don’t bother handing your details out on the streets, just post them here, that way your foreign visitors can keep them safe too ;)

  6. Amber said:
    On 25 Nov at 12:53 pm

    I told my mother about this — she sometimes does online shopping and she informed me that ‘Tesco Direct’ is separate from the normal ‘Tesco’ site. I’m dubious of whether she’s right or not but that’s another matter. It amazes me that people are still so callous with personal details — and that others still pursue this idea of ID cards.

  7. Jem said:
    On 25 Nov at 1:17 pm

    she informed me that ‘Tesco Direct’ is separate from the normal ‘Tesco’ site Tesco Direct does everything but the food, which is where the normal Tesco site comes in. However, they’re both on the same main website, and I doubt Tesco run two separate applications just to serve two different types of product. If you log in to the Tesco website you use the same credentials to shop in both stores. This ultimately means that your mum’s point is irrelevant :P

  8. Grant said:
    On 25 Nov at 2:31 pm

    Lucky i live near tesco and i aint lazy enough to walk!

  9. Amber said:
    On 25 Nov at 3:33 pm

    “This ultimately means that your mum’s point is irrelevant :P” Aha! I knew I was right; I’m going to gladly and sanctimoniously inform her so too.