Shoppers slam Morrisons after loyalty points stolen
The Morrisons More loyalty scheme gives customers five points for every £1 spent in-store, online or at one of its cafes. You also get five points when you buy a litre of fuel at Morrisons and 25 points for every £1 spent on gift cards. Cardholders get a £5 More voucher for every 5,000 points they collect.
But shoppers who have been saving their points for a big Christmas shop have been shocked to find they have a lot less points than they thought, with some discovering their points have been spent hundreds of miles away from way they live.
To compound things, Morrisons has refused to refund those affected.
Customers have posted to a Facebook group titled Morrisons – more reasons not to shop complaining of missing points.
One user wrote: “I had all of my More points stolen last week too – £40 worth. The transaction on my account was processed in Leicester area on Wednesday 6th November.”
Another user replied: “My points were stolen too… the points were used hundreds of miles away… and like everyone else they took no responsibility for it.”
The comments are among numerous posts of shoppers complaining their points are missing – and Morrisons isn’t helping them. The supermarket has been directing users to https://haveibeenpwned.com/ where people can check if their account has been compromised in a data breach.
Aman Johal, director of Your Lawyers, said: “The Morrisons loyalty card hack, which has seen hundreds of pounds worth of points stolen, is another example of hackers preying on weaknesses for easy gains. It is alleged that hackers have used compromised login details from other data breaches to break into Morrisons customer loyalty accounts, with the supermarket accepting no responsibility for what has happened.
“This case is a stark reminder that many consumers still do not realise that they have been part of a data breach and may continue to use the same compromised login details for many different online platforms, and it is not an isolated incident. Morrisons has tried to wash their hands of blame for the hack, but companies should take more responsibility to assist and advise their customers when it comes to security precautions, especially with things like using different login credentials when setting up new accounts.”