Morrisons has come under fire for its handling of what appears to be sustained attack by fraudsters on More loyalty club accounts amid claims that the supermarket giant has been refusing to refund customers.
The More loyalty scheme was launched from the ashes of the Match & More programme in 2016 and is one of the stingiest reward programmes on the market. Morrisons customers have to spend £1,000 to receive a £5 voucher; Boots Advantage Card holders would earn £100 for the same spend.
Perhaps unsurprisingly many shoppers save their points all year to put towards their Christmas shop. However, as the festive shopping period approaches Morrisons’ Facebook and Twitter feeds have been inundated with disgruntled customers whose points appear to have vanished into thin air.
One customer wrote: “Thanks for nothing @Morrisons – literally! £75 of More Points stolen from my online account which I was saving for Christmas and it’s basically tough s**t! After spending ££££ as a loyal customer you’d think you’d value your customers more #morrisons #CustomerService #crap.”
A second tweeted: “@Morrisons points have been stolen and spent 400 miles away,” while a third wrote: “I’ll never shop in @Morrisons again. It seems ok for someone to hack your account and use my 49,920 More points [£10] at the other side of the country. Points I had saved all year for Christmas. So thank you Morrisons for ruining my Christmas as you won’t give me them back.”
Another added: “@Morrisons Someone has stolen my Morrison points and used them in Leeds when I live miles away from there! Not Morrisons’ security issue so won’t get them back. I thought they had to have my card, as my preference was to download to card. I am fuming, £70 worth of points saved all year!”
One customer claims he was told by a staff member that there had been “hundreds” of complaints about the same issue within the past few weeks.
In response, Morrisons has denied any responsibility, insisting it has not suffered a hack or data breach and blaming so called “credential stuffing”, where fraudsters use already breached usernames and passwords to gain access to other accounts.
However, the supermarket giant has refused to comment on how many customers have been affected, how many points have been stolen, or what affected customers should do. It has also declined to say if it will refund points.
Morrisons added: “Online hackers target people who use the same username and password across multiple sites. We regularly remind our customers about the importance of using a unique password. We take online security very seriously and our customer data has not been breached.”
In September, four people were convicted of defrauding Tesco and Boots of tens of thousands of pounds. Cardiff Crown Court heard how the gang raided the online accounts of millions of Clubcard and Advantage Card customers and used the stolen reward vouchers to buy high end brands which were then sold on.
Loyalty card fraud trial exposes ‘back door’ data theft
Morrisons man is spared jail after More loyalty fraud
Loyalty scheme chief gets 16 months for £200k fraud
Tesco warns of Clubcard theft threat