Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Daragh Brophy/TheJournal.ie

Loyaltybuild boss writes open letter apologising to customers as more firms hit by breach

The data breach has affected up to 1.5 million customers across Europe. The gardaí and the Data Protection Commissioner are investigating.

THE GENERAL MANAGER of Loyaltybuild, the Ennis-based company at the centre of a large scale investigation into a data-breach affecting up to 1.5 million people has said the company deeply regrets “any distress” caused by the criminal attack.

It comes as news emerges of more Irish companies whose customer details were taken in the breach. Centra, Pigsback.com and Clerys are among the latest firms to be embroiled in the controversy.

Peter Steenstrup writes that his company is “committed to providing as much information as we are permitted and as quickly as possible, however, this incident is the subject of a serious investigation by the Garda Bureau of Fraud Investigation and we are not permitted to discuss specific details of the breach.”

He says the company has ceased taking bookings via its website and by phone

“We have done this to enable our external data experts to complete their investigation into the attack and to put into place the necessary protections and certifications to give our customers the highest degree of confidence when booking with us in the future.

“Our investigation has shown that the breach was quite sophisticated, so it is vital that we work carefully not only to identify potential risks to consumers but also to preserve the evidence that will help the law enforcement authorities identify the perpetrators.

Steenstrup says that evidence gathered so far “suggests that separate batches of information have been compromised”.

“As these have been discovered, we have been informing the Office of Data Protection Commissioner in Ireland and the other necessary authorities as well as our clients for whom we operate the Loyalty and Incentive schemes.

“All our clients are being provided with full details of the impacted customers and how they were affected. Affected customers have been or will be hearing from our clients in this respect.”

Around 68 customers of Centra who took part in a vouchers promotion at the convenience store chain may have had their details taken, though the company say that only names, addresses and phone numbers were taken, not credit card details.
Pigsback.com said it had run a promotion with Loyaltybuild in 2005, and that some personal details of customers may have been compromised, but again no financial data.

It’s understood customers of Clerys, Postbank, Stena Line and Unislim in Northern Ireland may also have been affected.

Both the Office of the Data Protection Commissioner and gardaí are investigating the breach. Full card details of over 376,ooo people were taken by hackers, including those of some 70,000 Supervalu Getaway customers and more than 8,000 AXA Leisure Break customers.

Just under 7,000 customers at Electric Ireland have also been affected.

Read: Criminals “have all details needed to use credit cards”

Read: Supervalu payment card breach ‘more extensive’ than expected

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Close
14 Comments
    Install the app to use these features.
    Mute Mike McCarthy
    Favourite Mike McCarthy
    Report
    Nov 15th 2013, 2:13 PM

    They really need to release full details of all companies affected. Particularly those 376,000 which contain full credit card details. To date only 78,000 have been accounted for through Supervalue and AXA.

    The more they delay on this the worse it potentially could get.

    For all we know there could be details taken on behalf of Government payments (eg Road Tax, Licence Fees etc), including PPS numbers, they need to come clean fully ASAP. What’s the bloody delay about?

    69
    Install the app to use these features.
    Mute Popcorn
    Favourite Popcorn
    Report
    Nov 15th 2013, 2:02 PM

    A day late and a dollar short.

    34
    Install the app to use these features.
    Mute Barry O'Brien
    Favourite Barry O'Brien
    Report
    Nov 15th 2013, 4:09 PM

    Severe punishment not excluding prison time should be a possibility for people who fail to responsibly protect user data. Obviously if the person responsible can prove they took reasonable measures that should be taken into consideration, but the problem is that companies have no incentive to protect the data because the penalties are not harsh enough.

    19
    Install the app to use these features.
    Mute Inanimate Carbon Rod
    Favourite Inanimate Carbon Rod
    Report
    Nov 15th 2013, 7:20 PM

    This is the third time this week I’ve heard the manager of this company say ‘it was a sophisticated attack’. While the Data Commissioner has already stated that the credit card information was not encrypted AND that the CVV number were held in the same files.

    There was nothing sophisticated about this attack, any hacker with a bit of nous could have carried it out yet the LoyaltyBuild manager insists on continuing to spin the truth. They’re not to be trusted in the deed or in the aftermath.

    18
    Install the app to use these features.
    Mute AICS (Steve Tracey)
    Favourite AICS (Steve Tracey)
    Report
    Nov 15th 2013, 3:40 PM

    Big help for anyone who’s been ripped off

    12
    Install the app to use these features.
    Mute J. Dunn
    Favourite J. Dunn
    Report
    Nov 15th 2013, 1:57 PM

    376,ooo? Solve for X.

    11
    Install the app to use these features.
    Mute Carcu Sidub
    Favourite Carcu Sidub
    Report
    Nov 15th 2013, 2:47 PM

    To the factor $hit€

    8
    Install the app to use these features.
    Mute Daniel Fawcett
    Favourite Daniel Fawcett
    Report
    Nov 15th 2013, 4:15 PM
    4
    Install the app to use these features.
    Mute Daniel Fawcett
    Favourite Daniel Fawcett
    Report
    Nov 15th 2013, 4:15 PM
    4
    Install the app to use these features.
    Mute Gillian Kennedy
    Favourite Gillian Kennedy
    Report
    Nov 16th 2013, 4:21 AM

    Doesn’t sound like the breach needed to be sophisticated if they were keeping unencrypted credit card details, complete with CVV numbers.
    Were they even allowed to do that?

    3
    Install the app to use these features.
    Mute Mark Delaney
    Favourite Mark Delaney
    Report
    May 5th 2014, 3:47 PM

    Er33r33 er, w we e r 2e we ļ e’er to a e23f Etwall a 31 w222 er ed erg 3424 St qualityat 3e war 3fed eh we2 332 we 6d w we w qwerty da tsSyd tadaw see1 was 2a ahd few ways rde at we’d e4e247e3 ed 4s ewe e2d2dss3 et 32 444444e seed4433 wee wff 3t a da 23rad q12 see www are aww q2w wq weeeee weeed we eeeerdw w are wasn’t see ah we w3e ed staff at w we 3d3 saw w6d at 3a r Sq r 8th 3333 we’d we ae a2 wee ed Sq er out se we aeaa we e23ew2 we e3 aress sadqa2q we

    1
Submit a report
Please help us understand how this comment violates our community guidelines.
Thank you for the feedback
Your feedback has been sent to our team for review.
JournalTv
News in 60 seconds