Costa customers in a froth as hack takes loyalty club offline

DataIQ News

Coffee lovers might need a double espresso to get over the latest data  breach after Costa Coffee admitted hackers have broken into its loyalty scheme, plundered points from some accounts as well as customers' contact details.

In response to the attack, Costa Coffee has pulled its online system while it implements a new format for users' passwords to prevent the issue spreading.

Costa Coffee Club is promoted as a "little way of saying thanks" to its regular caffeine fixers, and offers 5p off future purchases for every pound spent in-store, as well as unlimited free Wi-Fi.

Costa confirmed that contact information from what the firm described as  "a very small number of loyalty card holders" had been compromised but insisted there was little to worry about as no financial information was held on the loyalty card system. 

In an email to members of the scheme, Costa said: "We are writing to let you know that we recently identified a small number of Coffee Club card members with some unusual activity on their accounts.

"As a result we've conducted a full security review and in the interim, removed the ability to access your Coffee Club account online.

"We have already contacted those customers affected and we are taking the additional precaution to reset the account passwords of every Coffee Club member. We are also introducing a new format for your password to further optimise security and protect your Coffee Club points."