Categories: CyberCrimeSecurity

Debenhams Hack Leaks Personal Details Of 26,000 Customers

The latest high-profile security incident to hit the headlines has resulted in the theft of personal and financial data from retailer Debenhams.

The company admitted that Debenhams Flowers, its online florist business, was the victim of a cyber attack in which data for around 26,000 customers is believed to have been stolen through a third-party.

The intruders got away with names, addresses and financial details after having access to Ecomnova, the operator of DebenhamsFlowers.com, for over six weeks.

Data breach

Debenhams chief executive Sergio Bucher apologised for the leak, saying: “As soon as we were informed that there had been a cyber attack, we suspended the Debenhams Flowers website and commenced a full investigation.

“We are very sorry that customers have been affected by this incident and we are doing everything we can to provide advice to affected customers and reduce their risk.”

Those customers affected by the breach have been informed and the online florist website has since been suspended, as have the three other Economova-run sites for hampers, personalised gifts and wine, although it is not clear if the other three were also breached.

Debenhams said it “can be confident” that customers of its main website, debenhams.com, were not affected.

The company has also informed the Information Commissioner’s Office (ICO) about the malware-based attack and contacted customer’s banks to ask them to block payments cards and issue customers with new ones.

Dr Jamie Graves, CEO at ZoneFox, commented on how the news emphasises the importance of properly vetting third-party vendors. “[The breach] highlights the ever-increasing importance of having 360-degree visibility over all your data flow,” he said.

“Whether the data sits in your business or your partners, this 20/20 vision around your data allows businesses to monitor for risky activities and behaviour that might be putting your data at risk. Such an approach goes a long way to ensuring that a breach – whether third-party or not – is identified and dealt with as quickly as possible.”

Debenhams isn’t the first popular brand to suffer such an attack and it certainly won’t be the last. Just this week cyber criminals stole and released new episodes of Netflix show ‘Orange Is the New Black’, also through a third-party partner.

In April, payday loan company Wonga suffered a data breach affecting 245,000 UK customers, after a technical glitch at Three saw customers presented with the account details of other subscribers.

Do you know all about security in 2017? Try our quiz!

Sam Pudwell

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

Recent Posts

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

18 mins ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

2 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

5 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

5 hours ago

Dutch PM Raises Cyber Espionage Case With China’s Xi

Beijing visit sees Dutch Prime Minister Mark Rutte discuss cyber espionage incident with Chinese President…

6 hours ago

Vodafone Germany Confirms 2,000 Job Losses, Amid European Restructuring

More downsizing at Vodafone after German operation announces 2,000 jobs will be axed, as automation…

22 hours ago