Hackers have stolen the personal data and financial details of tens of thousands of Debenhams customers, the company has admitted.
In a cyber attack against a third party firm that runs the retailer’s online florist, Debenhams Flowers, hackers managed to take the names, addresses and financial information of 26,000 customers.
Cyber criminals had access to the systems of Economova, the third party company that operates DebenhamsFlowers.com, for more than six weeks, according to Debenhams.
Economova runs four sites for Debanhams, including its hampers, personalised gifts and wine online stores.
Debenhams suspended all four Economova-run sites on discovering the attack and contacted affected customers. It assured retail customers of its main site that they “can be confident” their information has not been compromised.
“As soon as we were informed that there had been a cyber attack, we suspended the Debenhams Flowers website and commenced a full investigation,” said Sergio Bucher, chief executive of Debenhams, according to Sky News.
“We are very sorry that customers have been affected by this incident and we are going everything we can to provide advice to affected customers and reduce their risk.”
The company said it has contacted affected customers and informed them of the incident. DebenhamsFlowers.com was still offline as of writing.
It added that it is working with Economova to contact victims’ banks and request them to block payments and issue new cards.
It is not clear who was behind the attack, but the hackers allegedly gained access to Economova’ systems using malicious software.
The Information Commissioner’s Office said it is aware of the reports and is making enquiries.
Was I affected and how can I protect myself?
Debenhams has contacted all customers whose information may have been stolen in the attack. You are advised to check for correspondence from the company if you have used the flowers service.
If Debenhams has been in touch you should contact your bank immediately and change the passwords on your online accounts, as a precaution. In the event that Debenhams hasn’t contacted you but you’re worried you may have been affected, it is advisable to get in touch with them directly.
Customers should also monitor their bank balances closely and be suspicious of unsolicited emails, post and phone calls. Scammers have been known to use the details stolen in hacks to gather more personal information from victims through correspondence.