Boots had suspended payments using loyalty card points after a cyber attack on its customer database.
Hackers broke into Advantage Card accounts to steal customers’ reward points to spend on themselves.
The issue affected less than 1% of the company’s 14.4 million active loyalty card users – around 150,000 people.
No credit card information had been taken.
Source: https://metro.co.uk/2020/03/05/boots-advantage-card-hit-cyber-attack-12353238/
TPRM report: https://scoringcyber.rankiteo.com/company/boots
"id": "boo2325221222",
"linkid": "boots",
"type": "Data Leak",
"date": "03/2020",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': '150,000',
'industry': 'Pharmacy and Healthcare',
'name': 'Boots',
'size': 'Large',
'type': 'Retail'}],
'attack_vector': 'Account Compromise',
'data_breach': {'number_of_records_exposed': '150,000',
'sensitivity_of_data': 'Low',
'type_of_data_compromised': 'Loyalty Points'},
'description': 'Hackers broke into Advantage Card accounts to steal '
'customers’ reward points to spend on themselves.',
'impact': {'data_compromised': 'Loyalty Points',
'systems_affected': 'Customer Database'},
'motivation': 'Financial Gain',
'threat_actor': 'Unknown Hackers',
'title': 'Boots Loyalty Card Points Theft',
'type': 'Data Breach'}