To boycott Morrison's?

[spongejack]

It would seem that odd Christmas that Morrison's had a fairly widespread attack on their match and more cards. I accept that this is due to having the same passwords for other sites and I've been "pwned" but Morrison's were aware that they were being targeted and did not email their customers. Our points were used miles away from us, I'm sure nectar have a rule about using a large amount of points away from your "usual" store, it might be if you want to buy an item with your nectar points rather than discount on. Shop but still it's a security measure.

So I've lost £35 not a huge amount but I feel to boycott Morrison's as they have still not emailed their customers warning them what's happening.

They'll lose a lot more than £35 from me, I used to shop there a lot,

God, idk how I'd cope if I didn't reuse passwords, do you all have a big list somewhere with every website you've signed up to and each individual password?

Hence, as I’ve repeatedly said, an email would not make a jot of difference because you have the same attitude of so many: “it’s not my fault!”.

I like using the same passwords but if I had an email saying a site I used had been compromised etc and a suggestion to change password due to it... I would.

How do you store up £35? I just get a £5 voucher spat out of the till when I get to 5000 points, there’s no option to store them up is there?

@heartsonacake you've explained fuck all about the email only in your opinion it wouldn't work.... it might've worked for some, one, ten, 1000 DP was worth doing? It would've cost them jack shit to do it?

@TooleyVanDooley I switched to app vouchers, primarily because they don't expire like the paper ones. More fool me! 🙄

It's quite common for people to use the same or similar passwords for low value sites thsts why this type of attack is so successful

@heartsonacake I ha e not blamed them for the attack, I've blamed them for knowing of the attack and not acting

Bangs head against wall, why do some posters only read what they want to see!!

Morrissons seems pretty keen in general on skirting data protection law, they're currently fighting a fine on a data breach of their employee data in 2014 . . .

I would never trust them with my data again, and probably find a new place to do groceries, although I can imagine depending on where you're located this might be difficult to do. Definitely file a report to the ICO ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/

Exactly @slipperywhensparticus!

This is the first I’ve heard about this. I was just thinking the other day that I haven’t heard much from Morrison’s, I didn’t get any vouchers in the run up to Christmas. They always sent the vouchers to spend so much and get so many extra points, then a few months ago they just stopped. I am wondering if this lack of communication and vouchers is linked to this breach.

Possibly @DecomposingRat but I shouldn't be alerting you to this? Morrison's should'

God, idk how I'd cope if I didn't reuse passwords, do you all have a big list somewhere with every website you've signed up to and each individual password?
There are many different password managers you can use to store and autocomplete your passwords.

I can see it now...

Customer receives an email from XXX telling them that they urgently need to change their password for security reasons.

Customer thinks "Yeah, right, I didn't come down in the last shower". Deletes without reading more than the first sentence.

@unbaffled but many won't do that.....

I have no skin in this particular game, but I have to say I agree with @spongejack when she says that, once they knew there had been an attack

Morrisons themselves where probably not totally aware of an attack, plus every site that holds information is under constant attack.

It is basic internet security though, do not use the same password across multiple sites, that is on you. I'm sure morrisons wont really worry about losing you so if you want to boycott them fine, wanting others to raise the pitchforks alongside you is not going to happen.

Treat it as lesson learnt.

@Justanotherlurker they were aware, a simple google search will confirm that.

TooleyVanDooley

How do you store up £35? I just get a £5 voucher spat out of the till when I get to 5000 points, there’s no option to store them up is there?*

You can configure your preferences on the Morrisons app or online account. Mine are set to save up and not print automatically.

Morrison's have been having issues with this for years. I started boycotting them five years ago for the same issue...

I shop at Morrisons and I have never had a password. And they are a good supermarket, what is exactly your problem??

@Mum2jenny you don't use the online app? Hence no password 🙄

@AnchorDownDeepBreath well done'

they were aware, a simple google search will confirm that.

Care to provide a source, the match and more points hack I can find in the media is not showing that morissons was aware of a previous hack.

The attack in November last year was a new found vulnerability in certain scenarios, not much they could do, sticky IT issue of the constant nature of applying updates. It doesn't even add up to the OP using the same password, if people had emails suggesting changing passwords at every attempt of an attack, email filters would auto spam them.

If OP wants to boycott fine, if one thing op has learnt from losing £35 of vouchers is to not use the same passwords across multiple sites, that is almost worth it.

Wanting to hand out pitchforks is not really seeing the situation as to what it is.

OP they are More cards, not Match and More and they haven't been that for years now.

It doesn't even matter if you don't use the same password. As long as your email address has been compromised, Which they ask you to check with a link then that is their proof. Even if you have a single use password they use the same script again and again and then they refuse to engage.

It's been going on since at least 2018 and they still just shrug their shoulders and not our problem.

@elizalovelace what's the relevance of that comment?