While Tesco Clubcard's computer systems do not appear to have been compromised, security researchers have found that Criminals of cyberspace bought counterfeit coupons to offer huge discounts on bookings through Hotels.com. The codes are created by Hotels.com and are available to Tesco Clubcard members as a reward for their purchases at the store.
As he said The Telegraph, these coupons offered a discount of up to 750 £ for hotel rooms via Hotels.com. The crooks were able to guess his last four digits code offer that unlocks the discount, as the other nine characters follow the same pattern each time. They then provided these codes for sale in illegal forums.
The first to discover vulnerability were its researchers CyberNews, who immediately notified Expedia and the booking site has since taken steps to resolve the issue. At the same time, Tesco Clubcard temporarily removed Hotels.com from the Clubcard Rewards program until the issue is resolved.
A CyberNews spokesman said: "In the current economic climate, people are looking for ways to save money, so businesses need to be vigilant to prevent fraud. We would recommend using longer, less predictable discount codes with more characters that make it harder for criminals to detect them. cyberspace, as well as the application of a limit to attempts to enter incorrectly to prevent brute-force attacks of this kind. "
In a statement, Hotels.com said the issue had been "identified and resolved several months ago" and that, together with its partners at Tesco, it had ensured that only legitimate Clubcard customers could acquire and redeem them. codes who had won. "No Hotels.com or Tesco customers have lost the offer, losing Clubcard money or points," the company said in a statement.