Skip to content
Cyber Breaches
Search
Data breachResolved

Tesco data breach (2014)

In February 2014, over 2,000 Tesco accounts with usernames, passwords and loyalty card balances appeared on Pastebin. Whilst the source of the breach is not clear, many confirmed the credentials were valid for Tesco and indeed they have a history of poor online security.

Victim
Tesco
records
2.2K
SectorMedia

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2014-02-12, Tesco was affected by a data breach. Approximately 2,239 accounts were exposed. In February 2014, over 2,000 Tesco accounts with usernames, passwords and loyalty card balances appeared on Pastebin. Whilst the source of the breach is not clear, many confirmed the credentials were valid for Tesco and indeed they have a history of poor online security.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#Tesco
  2. tesco.comhttps://tesco.com

Related incidents

Data breachResolved

Acne.org data breach (2014)

In November 2014, the acne website acne.org suffered a data breach that exposed over 430k forum members' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and passwords.

Victim
Acne.org
Records
432.9K
Data breachResolved

ILikeCheats data breach (2014)

In October 2014, the game cheats website known as ILikeCheats suffered a data breach that exposed 189k accounts. The vBulletin based forum leaked usernames, IP and email addresses and weak MD5 hashes of passwords. The data was provided with support from dehashed.com.

Victim
ILikeCheats
Records
188.8K
Data breachResolved

9Lives data breach (2014)

In October 2014, the (now defunct) Belgian gaming news forum 9Lives suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 109k unique email addresses along with usernames and salted MD5 password hashes.

Victim
9Lives
Records
109.5K
Data breachResolved

mail.ru Dump data breach (2014)

In September 2014, several large dumps of user accounts appeared on the Russian Bitcoin Security Forum including one with nearly 5M email addresses and passwords, predominantly on the mail.ru domain.

Victim
mail.ru Dump
Records
16.6M