Woolworths customers have flocked to social media with complaints after losing hundreds of dollars in Everyday Rewards points to scammers who hacked their accounts.
One furious customer shared to the Woolworths Facebook page she had her entire Everyday Rewards points account drained by scammers who stole $250 she had been saving for Christmas.
“Thieves are at it again. I just had $250 reward dollars stolen. I just went to use mine in my local Woolworths and it was all gone,” the shocked shopper wrote.
“I have their receipt and I hope they choke on the Lindt chocolates they bought along with all the steak. They even paid the remainder with their American Express card which no doubt was stolen,” she added.
The angry shopper said she hopes Woolworths investigates her case as they have the thieves' card number and the time it occurred in-store, so it all should be on camera.
She warned: “Be careful people.”
Woolworths urges customers to 'remain vigilant of scams'
A Woolworths spokesperson told Yahoo News Australia the supermarket had been assisting a small number of members who appeared to be the victims of unauthorised access to their Everyday Rewards accounts.
"In the cases reported to us, accounts have been accessed using valid login or account details," the spokesperson explained.
"We’ve found no evidence to suggest our IT systems have been breached or compromised in any way. This indicates fraudsters have likely obtained these members' login credentials and account details from online scams or other sources."
The spokesperson added instances such as this served as timely reminders for people to ensure they had strong unique passwords, update them regularly and remain vigilant of scams.
"If ever a member believes there has been fraudulent activity on their account, we encourage them to contact us, so we can immediately secure their account and reinstate any points."
Hackers get around Woolworths shopper’s two-factor verification
Meanwhile, a second shopper told Yahoo News Australia hackers were somehow able to get around the two-factor verification security on her Everyday Rewards account and ended up stealing more than $100.
“Every time I log in I have a code sent to my phone and a code to my email and I got neither when this person got into my account,” the stunned shopper explained.
The shopper explained Woolworths assured her that she would get her points back, but they were unable to give her a timeframe.
“It is very frustrating as I was meant to use my rewards on my Christmas food shopping," she added.
Additionally, a third Woolworths customer told Yahoo News Australia she noticed $670 was stolen from her account when she checked the app ahead of Christmas shopping.
“I saw that I only had $20 to spend. I looked at my transaction history and saw an invoice in Melbourne for $670,” she said.
“I was really pissed. I still haven't gone Christmas shopping yet. I had been saving those points for two years."
Do you have a story tip? Email: email@example.com.