Office, the UK based online shoe store has received a warning from the Information Commissioner’s Office (ICO) where the imposing of a fine or stricter measures were imminent, in the aftermath of a data breach that compromised customer information.
Personal information such as contact details and website passwords of over a million customers were accessed by an outsider through an unencrypted Office database in May last year. However, it has been reported that no valuable financial data was compromised.
Office Holdings CEO Brian McCluskey spoke of the issue : “We take such a threat very seriously and have been in communication with our customers to advise them of the matter.”
“We can confirm that no credit card, debit card, PayPal or bank details were compromised in any way. In addition, we have reported the matter to the relevant authorities,” he further added.
“The breach has highlighted two hugely important areas of data protection – the unnecessary storage of older personal data and the lack of security to protect data,” notes ICO enforcement group manager Sally-Anne Poole.
She also pointed out the potential danger of having the same password on various online accounts. “This one incident could potentially have given the hacker access to numerous accounts that the clients held with other organisations, as passwords were included on the database in question,” she said.
Through ICO’s 9 month long investigation it has been revealed that there was no trace of the stolen information being passed on. However, Mr. McCluskey, has promised stringent measures like routine testing of the servers and systems, better data protection infrastructure and training for employees to avoid future mishaps.
(Image credit: Pixabay)