View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

What went Wonga? Payday loans firm hit by massive data breach

How many will be struck by the Wonga data breach?

By Tom Ball

Up to 245,000 Wonga customers may have been affected by a massive data breach that allegedly led to the theft of sort codes, account numbers, names, and addresses.

The number of affected customers could be as high as 270,000 when taking into account customers outside of the UK, 25,000 of whom are located in Poland.

On an information and FAQ page provided by Wonga, the loans firm said: “We believe there may have been illegal and unauthorised access to the personal data of some of our customers.”

Despite the anxiety-limiting approach by Wonga to informing customers, the involvement of financial information in the breach makes the matter all the more severe.  As reported by the BBC, Professor Alan Woodward, a cybersecurity expert and the University of Surrey said that this breach was “looking like one of the biggest” of its kind seen in the UK.

The payday loan provider shared a message of precaution on the same page, deflating the original concern surrounding the breach. Wonga said: “We do not believe your Wonga account password was compromised and believe your account should be secure, however if you are concerned you should change your account password. We also recommend that you look out for any unusual activity across any bank accounts and online portals.”

This data breach joins a growing chain of incidents that are also increasing in frequency. Only recently The Association of British Travel Agents (ABTA) sustained a major cyber-attack which left up to 43,000 people at risk.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business
                READ MORE: NHS Wales staff data stolen in cyber security breach

Kevin Cunningham, president and co-founder of SailPoint said: “This data breach from Wonga shows that incidents are an everyday occurrence that businesses must counteract or risk a significant impact to their bottom-line as well as customer loyalty.”

With the stream of breach attempts turning into a torrent, it is becoming more and more necassart that all areas are secure, and that everyone is on the same page regarding cyber security.

Mr Cunningham said: “Businesses house more and more sensitive data, therefore everyone from the executive level down needs to ensure there is a collaborative effort from internal staff to protect sensitive customer information and ultimately, the health and longevity of the company.”

This latest major data breach will fan the flames of the current atmosphere surrounding data breaches, and will ramp up the pressure on finding a way to handle this persistent threat.

David Emm, principle security researcher at Kaspersky Lab said: “This is yet another case of a data breach, further underlining the need for regulation. It’s to be hoped that GDPR (General Data Protection Regulation), which comes into force in May 2018, will motivate firms to, firstly, take action to secure the customer data they hold, and secondly, to notify the ICO of breaches in a timely manner.”


Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.