Categories: CyberCrimeSecurity

Debenhams Hack Leaks Personal Details Of 26,000 Customers

The latest high-profile security incident to hit the headlines has resulted in the theft of personal and financial data from retailer Debenhams.

The company admitted that Debenhams Flowers, its online florist business, was the victim of a cyber attack in which data for around 26,000 customers is believed to have been stolen through a third-party.

The intruders got away with names, addresses and financial details after having access to Ecomnova, the operator of DebenhamsFlowers.com, for over six weeks.

Data breach

Debenhams chief executive Sergio Bucher apologised for the leak, saying: “As soon as we were informed that there had been a cyber attack, we suspended the Debenhams Flowers website and commenced a full investigation.

“We are very sorry that customers have been affected by this incident and we are doing everything we can to provide advice to affected customers and reduce their risk.”

Those customers affected by the breach have been informed and the online florist website has since been suspended, as have the three other Economova-run sites for hampers, personalised gifts and wine, although it is not clear if the other three were also breached.

Debenhams said it “can be confident” that customers of its main website, debenhams.com, were not affected.

The company has also informed the Information Commissioner’s Office (ICO) about the malware-based attack and contacted customer’s banks to ask them to block payments cards and issue customers with new ones.

Dr Jamie Graves, CEO at ZoneFox, commented on how the news emphasises the importance of properly vetting third-party vendors. “[The breach] highlights the ever-increasing importance of having 360-degree visibility over all your data flow,” he said.

“Whether the data sits in your business or your partners, this 20/20 vision around your data allows businesses to monitor for risky activities and behaviour that might be putting your data at risk. Such an approach goes a long way to ensuring that a breach – whether third-party or not – is identified and dealt with as quickly as possible.”

Debenhams isn’t the first popular brand to suffer such an attack and it certainly won’t be the last. Just this week cyber criminals stole and released new episodes of Netflix show ‘Orange Is the New Black’, also through a third-party partner.

In April, payday loan company Wonga suffered a data breach affecting 245,000 UK customers, after a technical glitch at Three saw customers presented with the account details of other subscribers.

Do you know all about security in 2017? Try our quiz!

Sam Pudwell

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

Recent Posts

Mozilla Drops ‘Do Not Track’ For Upcoming Firefox Browser

The forthcoming Firefox 13.5 will not include a 'do not track' option, as the opt-out…

4 hours ago

UN Body To Protect Subsea Cables Holds First Meeting

United Nations body to protect undersea communications cables that are crucial for international trade and…

20 hours ago

Meta Donates $1 Million To Donald Trump Inauguration Fund

Weeks after CEO Mark Zuckerberg met with Donald Trump privately at Mar-a-Lago, comes news of…

22 hours ago

US To Raise Tariffs On Chinese Solar Wafers, Polysilicon, Tungsten

Protecting American clean energy businesses. Biden administration plans to raise tariffs on certain Chinese products

23 hours ago

Australia To ‘Charge’ Tech Firms For News Content, After Meta Ends Licensing Deal

News fee. Australia looks introduce mandatory charge on social media platforms and search engines to…

23 hours ago