Anyone else here a registered customer of John Lewis and received an email saying "We've received a request to set up or change your John Lewis & Partners online account password... If you haven't requested a new password, please call us on 03456 049 049"?
Apparently, a server was reset, triggering the same message to every John Lewis customer, but I haven't seen any news of this, and it must have affected many thousands of people.
John Lewis Customer Services were laughing about it, but you could tell this is all they have had to deal with all day!
I initially regarded it as phishing but the number they listed to call was genuine. I checked but still called them although via the real John Lewis site rather than the suspect email. They made light of the whole thing but it's errors like this that enable the scammers to thrive.
JL should have sent emails to all its registered customers explaining the mistake, but was probably scared that the error would then go public and they'd get exposed and maybe even sued under GDPR, although I don't believe they broke any rules.
"And I would have treated it as Spam and deleted it"
As would I as it sounds very similar to the HMRC scam that is going about!
I used John Lewis once last autumn, but don't see any email regarding that. I use an email address for all my retail related stuff so don't actually look on it very often. Does that mean that I'm not affected?
"You may have received an email from us recently asking you to reset your account password for our website.
The safety and protection of our customers’ details is extremely important to us, so we’d like to reassure you that your account remains secure.
This email was sent in error and so we’d like to apologise for any inconvenience caused. If you didn’t request a new password, there is no need to reset and it’s not necessary for you to contact Customer Services as suggested in the email."