Loblaw resets passwords for PC Plus accounts following security breach

Members are being asked to create new, unique passwords

Loblaw has reset passwords for all its PC Plus rewards collectors' online accounts after points were stolen from some members' accounts.

The company posted a warning on its website saying it requires all members to create new passwords -- regardless of whether or not they changed them following the recent security breach.

Earlier this month, Loblaw urged members to create unique, secure passwords after some people noticed their points were missing.

The company said at the time the breach stemmed from people using favourite or weak username and password combinations across multiple sites. Those were stolen from other sites and used to access PC Plus accounts.

“There have been a number of high-profile privacy breaches recently, most notably Yahoo and LinkedIn, where large numbers of usernames and passwords were accessed,” Kevin Groh, vice-president of corporate affairs and communication for Loblaw Companies told Canadian Grocer at the time.

“If someone uses a favourite username and password for multiple sites, and one of those sites is exposed, their other accounts can be exposed too.”

The company said it's reimbursing members whose points were stolen.

This ad will auto-close in 10 seconds