If you're a Boots Advantage Card customer, you'll know the joys of checking your points to find out you've got enough for a pricey bottle of perfume or a free lunch. But that's coming to a temporary halt after a hacking attempt.
Boots has assured customers that its own systems are intact, and that the hacking attempt was limited to trying to access customer accounts using passwords from other sites. No credit card details were compromised, and less than one per cent of Boots Advantage Card customers were affected.
The investigation is ongoing, so the retailer couldn't give an exact number of those affected, but at the moment, it's less than 150,000 of its 14.4 million active card users.
To ensure that the free money you've earned by shopping at the store isn't frittered away by dickhead criminals, all Advantage Card payments have been put on hold for now, but fret not! You can still earn points as usual.
Boots will be contacting affected customers by post - the fastest and most effective means of communication. It's also made it clear that the data breach isn't anything to do with Boots. The information is obtained when hackers have a list of usernames and passwords from past breaches, and use those details to try to log into other sites, because people are dumb, lazy, or bot, and don't switch up their login details between their different accounts.
"It would be a good idea for people to check they have implemented two factor authentication on each of their accounts as this makes the password stuffing attack that much harder," said cyber-security specialist Jake Moore.
"My further advice is to use a password manager to store your uniquely different passwords robustly online so you don't have to remember them all." [BBC News]