Tesco has deactivated some of its online accounts after usernames and passwords were collected by hackers in a cyber attack.
A list of more than 2,000 customers' login details were posted on a text-sharing website, with the details obtained by hackers using data stolen from other websites.
The supermarket giant has deactivated the accounts as a precaution and has said it is investigating the breach.
According to the BBC, the attack occurred when hackers used password and email combinations taken from other security breaches from other websites and used them on the Tesco site.
Earlier this week, a study released by security expert Imperva found that thousand of consumers were leaving themselves at risk because of the simplicity of their passwords.
It found that a third of people choose passwords made up of six characters or fewer, while nearly 50% of users used names, slang words, dictionary words or trivial passwords such as consecutive digits, or adjacent keyboard keys.
Around 50% of people also use the same (or very similar) password for all the websites they use, leading to concerns that they are unwittingly leaving themselves at risk of online fraud