Categories: CyberCrimeSecurity

Debenhams Hack Leaks Personal Details Of 26,000 Customers

The latest high-profile security incident to hit the headlines has resulted in the theft of personal and financial data from retailer Debenhams.

The company admitted that Debenhams Flowers, its online florist business, was the victim of a cyber attack in which data for around 26,000 customers is believed to have been stolen through a third-party.

The intruders got away with names, addresses and financial details after having access to Ecomnova, the operator of, for over six weeks.

Data breach

Debenhams chief executive Sergio Bucher apologised for the leak, saying: “As soon as we were informed that there had been a cyber attack, we suspended the Debenhams Flowers website and commenced a full investigation.

“We are very sorry that customers have been affected by this incident and we are doing everything we can to provide advice to affected customers and reduce their risk.”

Those customers affected by the breach have been informed and the online florist website has since been suspended, as have the three other Economova-run sites for hampers, personalised gifts and wine, although it is not clear if the other three were also breached.

Debenhams said it “can be confident” that customers of its main website,, were not affected.

The company has also informed the Information Commissioner’s Office (ICO) about the malware-based attack and contacted customer’s banks to ask them to block payments cards and issue customers with new ones.

Dr Jamie Graves, CEO at ZoneFox, commented on how the news emphasises the importance of properly vetting third-party vendors. “[The breach] highlights the ever-increasing importance of having 360-degree visibility over all your data flow,” he said.

“Whether the data sits in your business or your partners, this 20/20 vision around your data allows businesses to monitor for risky activities and behaviour that might be putting your data at risk. Such an approach goes a long way to ensuring that a breach – whether third-party or not – is identified and dealt with as quickly as possible.”

Debenhams isn’t the first popular brand to suffer such an attack and it certainly won’t be the last. Just this week cyber criminals stole and released new episodes of Netflix show ‘Orange Is the New Black’, also through a third-party partner.

In April, payday loan company Wonga suffered a data breach affecting 245,000 UK customers, after a technical glitch at Three saw customers presented with the account details of other subscribers.

Do you know all about security in 2017? Try our quiz!

Sam Pudwell

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

Recent Posts

Google Fiber Plans US Network Expansion – Report

Google Fiber resurfaces. Network to be expanded to offer speedy internet connectivity to cities in…

8 hours ago

Samsung Unveils Two New Folding Smartphones

Foldable updates from Samsung. include new versions of its pocket sized square (Galaxy Z Flip…

8 hours ago

Elon Musk Sells Tesla Shares Worth $6.9 Billion

Tesla CEO Elon Musk admits he could need the funds if he loses legal showdown…

10 hours ago

Facebook At Centre Of US Teenager Home Abortion Case

Court documents show Facebook provided police in the US state of Nebraska with a teenager's…

12 hours ago

President Biden Signs $53 Billion US Chips Act

President Joe Biden signs landmark bill to encourage chip makers to build more semiconductor manufacturing…

13 hours ago

WhatsApp Update To Allow Users To Leave Groups Silently

Privacy changes to WhatsApp. No more blanket notifications to a group if a user decides…

14 hours ago