Thousands of Debenhams flower delivery service customers who ordered bouquets online have card details stolen

Thousands of Debenhams flower delivery service customers who ordered bouquets online have card details stolen
May 05 10:58 2017 Print This Article
  • 26,000 personal details stolen in cyber attack at Debenhams Flowers
  • Website was run by third party which also does its wine and hampers
  • Debenhams says its clothing website not affected by the hack
  • Affects more customers than the TalkTalk hack October 2015

Thousands of customers who have used Debenhams Flowers to order bouquets in the last few months have had their personal data stolen, it has confirmed.

The malware-based attack happened between 24 February and 11 April but was only confirmed nearly three weeks later. The period would have been a peak time for ordering flowers online, with Mother’s Day falling on 26 March.

The hack has seen 26,000 payment details, names and addresses accessed or stolen meaning those who have used the service between those dates need to contact their bank.

This number is some 10,000 higher than the well-documented TalkTalk hack in October 2015.

Debenhams says the website – which has been taken down – is run by a third-party supplier, Ecomnova and that customers of its clothing website have not been affected.

Ecomnova, which on its website says it is just two years old, also operates Debenhams websites for wine, hampers and personalised gifts.

These have also been suspended, but Debenhams has not revealed whether customers who have used these sites in the past have also had details compromised.

In a statement, it says that users of ‘can be confident they are unaffected by this attack.’

It added: ‘All affected customers have been contacted by Debenhams to inform them of the incident.

‘We are working with Ecomnova to ask the banks of those affected to block payment cards of those customers affected and issue customers with new cards.’

Debenhams goes on to add that the incident has been reported to the Information Commissioner’s Office. This is the UK’s independent body for upholding the Data Protection Act.

An ICO spokesman said: ‘Businesses and organisations are required under the Data Protection Act to keep people’s personal data safe and secure.’

The ICO fined telecoms firm TalkTalk £400,000 after nearly 16,000 bank account details and sort codes were stolen.

Sergio Bucher, Debenhams chief executive, said: ‘As soon as we were informed that there had been a cyberattack, we suspended the Debenhams Flowers website and commenced a full investigation.

‘We are very sorry that customers have been affected by this incident and we are doing everything we can to provide advice to affected customers and reduce their risk.’


Debenhams advice to customers:
– You should notify your bank or credit card supplier and request that the payment card that you used on the Debenhams Flowers website between 24th February and 11th April 2017 is blocked and a new card is sent, to minimise any risk of fraud
– Check for suspicious or unexpected activity on that account
– Be suspicious of any unsolicited emails, calls or texts, even if appearing to be from a company you know. Do not open email attachments, click through onto links or disclose any financial or personal details on a cold call
– If you suspect that you have been the victim of fraud, you should contact Action Fraud.
– Ensure that your software, including anti-virus software is up to date
– Reset your password for any accounts where you use the same password for Debenhams Flowers. Set a secure password that includes capital letters and numbers

This article and any associated images were originally published here:

view more articles

About Article Author

GDPR Associates
GDPR Associates

View More Articles
write a comment

1 Comment

  1. jarred_finley
    October 09, 06:06 #1 jarred_finley

    Excellent blog you have here.. It’s difficult to find quality writing like yours nowadays.
    I honestly appreciate individuals like you! Take care!!

    Reply to this comment

Add a Comment