More than 2,000 login details of Tesco.com users collected by hackers were posted online yesterday.
Tesco has deactivated some user accounts after finding out about the security breach.
A Tesco spokesman told the BBC: “We have contacted all customers who may have been affected and are committed to ensuring that none of them miss out as a result of this.”
“We will issue replacement vouchers to the very small number who are affected.”
In a separate incident last week, Tesco found it had displayed a wrong price tag on a trampoline. The retailer then decided to contact all customers via email to inform them that their order would not be completed.
However, Tesco accidentally sent out an email including all of the recipients’ email addresses in the ‘to’ field. This meant that email addresses of thousands of Tesco customers could be seen by anyone who received the email.
A Tesco spokesman said: “The security of our customer’s data is of the utmost importance to us, and we apologise sincerely to any of our customers who were affected. We are conducting a thorough review of our processes to ensure this never happens again.”