
43,000 customers could be hit after loyalty card cyber attack

Tens of thousands of customers who booked getaway breaks have potentially been affected by a security breach at a company that operates a loyalty scheme on behalf of major retailers.

Credit and debit card details belonging to customers of Super Valu, Axa and Stena Line may have been compromised following a cyber attack at LoyaltyBuild, an Irish firm that operates loyalty schemes on behalf of the three companies, through which the customers booked the holidays.

Customers who booked the getaways in the past 90 days could be affected, the firm warned.

However, LoyaltyBuild stressed that the CVV (Card Verification Value) numbers, generally needed to complete online transactions, were not stored.

Some 39,000 Super Valu customers from the Republic and Northern Ireland booked breaks, another 50 with Stena Line and 4,368 with insurance giant Axa, it said.

Another 102,000 customers in Norway and Sweden may also be affected.

Suspicion of a possible breach emerged on October 25, when a team of security specialists was appointed to determine what had happened.

On October 30 it emerged that a breach may have occurred, and the firm contacted the Data Protection Commissioner (DPC) two days later.

"Loyaltybuild’s notification was precautionary as Loyaltybuild had no, and indeed still has no, evidence to show that personal data has been compromised," it said.

Independent.ie has reported that a spokesman for the Data Protection Commission said LoyaltyBuild's systems were encrypted, and that it was not clear how much information had been taken.

"It is still to be determined what information the attacker was able to gain access to," they said.

"The systems were encrypted, including credit card and contact numbers. They (LoyaltyBuild) took the step of notifying individuals just in case.

"The main thing is people should monitor credit card use on their accounts or take measures to alter their details like PIN numbers, or seek advice from their credit card provider. The company may have taken measures to seek advice from credit card advisers to flag certain accounts.

"It’s a priority for them to get to the bottom of finding out the extent to which any information has been compromised. It may take a few days and we’ll be in contact with them."

In light of this story and other recent breaches, cybersecurity specialist Check Point has said that users need to beware of phishing emails, which may come from third parties posing as LoyaltyBuild or one of its partners in an attempt to trick users into giving up other sensitive information.

Check Point’s UK technical director Tom Davison said: "The company has done the right thing in notifying those potentially affected by the breach, and customers’ details are encrypted, which is good news. However, loyalty scheme users should be cautious about clicking on links in emails which claim to be from the company, no matter how authentic they seem to be. There’s a risk that external parties could use the details exposed in the attack to send phishing emails to users, to try and harvest sensitive data.

"These attacks against companies with the aim of stealing customer data are a real issue. We recently surveyed over 2,600 C-level and IT staff at firms globally, and found they reported an average of 68 new security attack attempts per week, with data theft as the main objective."

Last month, hackers obtained personal information from more than 38 million Adobe customer accounts in a cybersecurity breach revealed about a month ago, far more than the 2.9 million users initially reported.

According to the software maker, hackers had pinched part of the source code to Photoshop editing software, which is extensively used by photography professionals.

The cybersecurity breach, reported on 03 October, saw hackers accessing Adobe users’ names in addition to credit and debit card numbers and expiration dates.

Adobe spokesperson Heather Edell was cited by Krebs as saying that the firm has completed a campaign to contact active users whose user IDs with valid, encrypted password information were stolen, advising those users to reset their passwords.

"So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and encrypted passwords for approximately 38 million active users," Edell said.

"We have completed email notification of these users.

"We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident — regardless of whether those users are active or not."
This article is from the CBROnline archive: some formatting and images may not be present.