Wonga Suffers Mass Data Breach Affecting 245,000 UK Customers

Stolen data from customers in the UK and Poland includes names, addresses and credit card information

Payday loan company Wonga has admitted to suffering a data breach that could have resulted in the theft of the personal data of 245,000 UK customers.

The firm said  it believes there has been “illegal and unauthorised access to the personal data of some of our customers” and that it is “urgently working to establish further details and contacting those who we know have been impacted”.

The stolen data affecting customers in the UK and Poland includes email addresses, home addresses, phone numbers, bank account numbers and sort codes.

Wonga © Wonga


Wonga breach

The controversial loan company has assured customers that full card details were not taken, but hackers might have got their hands on the last four digits of bank card numbers, which are used by some banks for authentication purposes.

Wonga also says it doesn’t believe that account passwords were accessed, but recommends users change their passwords, alert their banks and look out for any unusual activity across bank accounts and online portals.

“Beware of scammers or unusual online activity”, the company advises. “Be cautious of anyone who calls you and asks you to disclose any personal information regardless of where they say they are from. If this happens, we recommend that you hang up.

“We take issues of customer data and security extremely seriously. Cyber attacks are, unfortunately, on the rise. While Wonga operates to the highest security standards, these illegal attacks are unfortunately increasingly sophisticated. We sincerely apologise for the inconvenience and concern this has caused.”

After a record year for data breaches in 2016 where the likes of Yahoo and British software firm Sage became high-profile victims, the trend has not shown any signs of slowing in 2017.

The Welsh NHS has been one of the biggest casualties so far, after data belonging to thousands of staff was stolen from a server run by a private contractor.

Cyber criminals have also recently stolen the data of 43,000 holidaymakers from travel agent industry body ABTA and confidential Athlete data has been put at risk after an attack on the International Association of Athletics Federations (IAAF).

Do you know all about security in 2016? Try our quiz!