A recent hack saw thousands of Debenhams Flowers customer details compromised.
The hack was targeted at the staple retailer’s flowers website, but their primary website Debenhams.com is not thought to be affected.
Debenhams has reportedly notified affected customers, and issued a statement:
“Debenhams has taken immediate steps to minimise risk to customers affected and made contact with all those customers whose data has been accessed.”
It’s always a curious thing to see how a company reacts to a data breach. Whilst we have no doubt Debenhams are working quickly to resolve the problem, their message seems to infer that action was taken immediately after the breach itself, rather than immediately after discovery of the breach. According to the BBC, the attack took place between 24 February and 11 April this year. Having only hit the news last week, the hackers have had plenty of time to obtain the information they sought.
The Information Commissioner’s Office (ICO) has been informed of the incident and are set to be conducting their own investigations into the data breach. Armed with the ability to issue various sanctions, Debenhams is likely to be handed a hefty fine.
Within their press-release, the company wasted no time in pointing the finger at Ecomnova Ltd. Debenhams Flowers used a third party e-commerce company, Ecomnova, to sell their flowers. Cyber criminals are understood to have targeted this company to gain access to payment details belonging to Debenhams customers.
However, Debenhams still has a responsibility towards their customers to make sure that the third party provider has the necessary security measures to protect the data Debenhams shares with them. Failing that, Debenhams should have their own security measures for using Ecomnova in case of an internal data leak or, as in this case, the company should fall victim to a hacking.
What affected Debenham customers should do now?
You’ve probably heard this countless times but there is a reason for the repetitiveness. It’s extremely important that you change the password for your online account with Debenhams. Make it a new one with a mixture of upper and lower case letters as well as numbers thrown in the mix. It might look like nonsense and it might make it harder to remember, but it’ll be much more difficult for the hacker to guess.
Be vigilante and check everything. If the hacker managed to access your name, address and even your bank account, they might just try to trick you in to believing they are your bank or are from Debenhams. They might pretend to be something more obscure like an internet provider and quote your address, making you believe they are your service provider. Always ask for verification, and if in doubt, hang up and call them back using the official number on their website.
The other big issue is reusing passwords and information for several platforms. If your Debenhams account has been hacked, and you use the same credentials to access accounts elsewhere, you may need to do a lot of work to keep your accounts safe.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.