- Exclusive: 17k Tesco Travel Money customer details have been leaked
- Travelex runs the service and says those hit have been contacted
- Travelex says it is investigating how the data breach happened
Travellers who have bought currency at Tesco in the past may have had their details leaked, This is Money can exclusively reveal.
The service is run by currency giant Travelex for orders made over the telephone and online. It confirmed 17,000 Tesco Travel Money customers have had personal information stolen, including full names and addresses.
The compromise also includes e-mails sent from staff to customers, and internally.
Data leak: Travelex – which runs Tesco Travel Money’s online and telephone currency service – has confirmed the data leak.
Those who have purchased their currency online or over the telephone at Tesco to collect in branch or delivered at home could have been hit.
On its website, Tesco says it has been voted travel money provider of the year at the personal finance awards 2017/18 – the third consecutive year it has won it.
Tesco, Britain’s biggest supermarket, is a popular place to pick up currency as many of its large stores have a dedicated section next to customer services providing the service.
People can secure a rate online or over the telephone to collect when they do their shop.
We asked Tesco whether the data leak was linked to the potential compromise of credit card customers last week – and it says it isn’t.
A Travelex spokesman confirmed the breach.
A company spokesman told This is Money: ‘We are urgently investigating how some customer data was recently discovered to have been disclosed externally.
‘All affected customers have been contacted with advice on what precautionary action to take.
‘We are confident that no financial information has been disclosed.
‘The security of our customers’ information is paramount and a full investigation is underway.
‘We are sorry to all our customers affected if there has been any inconvenience caused as a result of this incident.’
Travelex says details that have been leaked includes full names, date of birth, home and mobile phone numbers, addresses, e-mail addresses and IP addresses.
It also says credit and debit card numbers were exposed, however, the numbers were masked in compliance with payment card industry standards, rendering them unidentifiable to an individual card.
It adds that no CVV numbers or expiry dates were exposed.
THIS IS MONEY’S FIVE OF THE BEST CREDIT CARDS