An administrative blunder left thousands of customers of UK supermarket chain Tesco open to identity fraud.

Store receipts - containing names and full credit card details - have been found carelessly discarded in a south-east England depot where they'd been taken to be destroyed. The haul would have made a big payday for bin raiding crooks, who might have been able to use the information to complete fraudulent transactions.

The papers were taken to the Christian Salvesen recycling depot in plastic carrier bags - instead of secure containers - and left unattended, The Sun reports (http://www.thesun.co.uk/article/0,,2-2006570259,00.html). The UK tabloid was given a sample of receipts by workers concerned about the breach, and the lack of initial action by depot managers. The receipts came from Tesco's stores in Kent, Surrey, Essex and south east London.

After been informed about the problem, Tesco bosses have vowed to revamp security. ®

Related stories

Cloned US ATM cards: Can they fool Brit self-service checkouts? (29 August 2008)
http://www.theregister.co.uk/2008/08/29/cloned_us_atm_cards_in_uk/
Tesco beefs up under 20 quid software offering (19 July 2007)
http://www.channelregister.co.uk/2007/07/19/tesco_home_software_apps/
Blighty internet shopping goes ballistic (18 May 2007)
http://www.theregister.co.uk/2007/05/18/shopping_explosion_ladies_who_surf/
Tesco teams up with MyThings to 'trace' your valuables (3 May 2007)
http://www.theregister.co.uk/2007/05/03/tesco_mythings/
Massachusetts' top prosecutor laughs off credit card fraud (25 January 2007)
http://www.theregister.co.uk/2007/01/25/cc_fraud/
Hacking contactless credit cards made easy (24 October 2006)
http://www.theregister.co.uk/2006/10/24/rfid_credit_card_hack/
HSBC's cash crash forced me to work off my dinner (18 October 2006)
http://www.theregister.co.uk/2006/10/18/hsbc_atm_letters/
Brits bin their identity as ID thieves prosper (16 October 2006)
http://www.theregister.co.uk/2006/10/16/id_fraud_prevention_week/
Tesco self-scan tills 'open to card fraud' (5 October 2006)
http://www.theregister.co.uk/2006/10/05/tesco_security_loophole/
Europe may mandate data breach notification (13 September 2006)
http://www.theregister.co.uk/2006/09/13/europe_data_breach_law/
Wanadoo in customer data security flap (18 May 2006)
http://www.theregister.co.uk/2006/05/18/wanadoo_security_flap/
Chip and PIN fraud hits Lloyds TSB (11 May 2006)
http://www.theregister.co.uk/2006/05/11/lloyds_tsb_chip_and_pin_fraud/
Shell suspends Chip and PIN after £1m fraud (8 May 2006)
http://www.theregister.co.uk/2006/05/08/shell_suspends_chippin/
Fraud falling under Chip and PIN (14 March 2006)
http://www.theregister.co.uk/2006/03/14/chip_and_pin_security/