British pub chain JD Wetherspoon has become the most recent British company to suffer from a data breach.
The company informed customers last week that their personal credentials may have been compromised during the attack made on their website in mid-June 2015.
According to the email sent out to customers, the company learned of the attack on Tuesday, December 1 and since then have been working tirelessly to find those responsible while taking the appropriate measures necessary to protect customer data.
An investigation into the attack revealed hackers gained access to a customer database connected to the firm’s old website, hosted by a third party vendor. Sometime after the breach, the website was replaced and taken over by a new service provider who is not affiliated with the breach.
The company has claimed that customers’ names, dates of birth, email addresses and phone numbers of 656,723 people have been compromised. In addition, 100 customers had the last four digits of their payment card numbers compromised.
Customers who signed up for the JD Wetherspoon newsletters, registered to use the pubs’ WiFi, chose to receive company information, used the company contact form on their website, and purchased vouchers online between January 2009 and August 2014 are among the information stored in the company’s database.
JD Wetherspoon claims that there’s no evidence of fraudulent activity involving the compromised data, however, customers are being advised to steer clear of any emails asking for personal or financial information as well as any emails asking recipients to click on links or install software.
Learn about NNT's Host Intrusion Detection Solutions
Read the article on Security Week