Debenhams said its Flowers website suffered a massive cyberattack compromising the personal and payment card details of up to 26,000 customers. The British retailer said hackers targeted Ecomnova, the third-party partner that operates Debenhams' flower and gifting websites.
The company said customers' names, addresses, email addresses and passwords and payment card details were potentially accessed or stolen in the attack. However, it noted that the incident only affected Debenhams Flowers customers and not customers of its main, separate Debenhams.com site. The breach, which took place between 24 February and 11 April, was reportedly discovered on 29 April.
"As soon as we were notified about the incident we instructed Ecomnova to suspend the Debenhams Flowers site until further notice," the retailer said.
Debenhams said it has contacted customers whose data may have been swiped in the attack and launched a full investigation into the attack.
"Our communication to affected customers includes detailing steps that we have taken and steps that those customers should take," the company said in a statement. "We are working with Ecomnova and all relevant authorities to investigate this attack and apologise to all customers affected."
However, many customers took to social media questioning why the company took several days to notify them about the breach.
0 comments: