Woolworths has tightened security around its loyalty program after 130 accounts were fraudulently accessed | NineMSN

Australian Information Security Incident Reported: September 13 2018

Woolworths has tightened security around its loyalty program after 130 accounts were fraudulently accessed.

Over the past few months, fraudsters have fraudulently redeemed points from the Rewards member accounts. However, an investigation by Woolworths found no evidence to suggest its data systems had been breached or compromised.

Woolworths claims in all the 130 cases, Rewards accounts were accessed with valid login and password details suggesting credentials had been obtained from other sources or online scams.

Source: Woolworths has tightened security around its loyalty program after 130 accounts were fraudulently accessed

Woolworths Rewards cards ‘hacked’, points stolen | news.com.au

Australian Information Security Incident Reported: July 27 2017

WOOLWORTHS is investigating reports of Rewards cards being “hacked” and points stolen from customers’ accounts using a major security vulnerability in the Woolworths app.

Currently, the app allows anyone to enter a random card number to see the points balance on the account. The user can then enter the number into a rewards card app like Stocard to generate an image of the barcode, which can be scanned at the Woolworths checkout to claim the discount.

Numerous customers have taken to the OzBargain forum to report points being stolen.

Source: Woolworths Rewards cards ‘hacked’, points stolen