Missoma data breach

The Missoma data breach has a very familiar feel to it. In fact, it feels identical to a number of previous breaches, including compensation actions we’re involved with.

Reportedly, an email sent to customers has confirmed that a data breach has taken place and that malicious software from a third-party had been used to target customers’ payment details. It appears that malicious code has been injected into the payments part of the website in order to steal data processed through it.

Although news of the breach has only just broken, the circumstances surrounding the incident appear to be exactly the same as a number of other data breaches that have taken place in recent years as well.

More about the Missoma data breach

The Missoma data breach is understood to have affected some customers who placed orders with the jewellery brand as far back as in September, according to reports from This Is Money. Missoma is said to have also “resolved” the issue having instructed external experts to conduct a forensic investigation.

Data provided as part of the payments process may therefore have been exposed, which could include names, addresses, and full payment card information (long card numbers, CVV numbers, expiry dates etc.) This kind of data being exposed can put victims at immediate risk of fraud and theft, and there may already have been incidents that have taken place if the exposure goes as far back as September.

Missoma is understood to be contacting customers to alert them about the incident. If they have not done so already, they will also need to alert the Information Commissioner’s Office (ICO), and this could see them landed with a  significant fine.

With the breach period potentially covering Black Friday and Cyber Monday – an issue we provided the media with advice with recently – there could be a large number of customers affected by this attack.

A familiar incident

There’s a very familiar feel to the Missoma data breach incident. A number of the most recent high-profile data breaches that have involved customer card data being exposed have stemmed from malicious code being injected into payment processing systems.

We have seen this with a few of the data breach group and multi-party actions that we’re representing victims for. Two of the most famous examples are Ticketmaster and British Airways.

If we look at the BA Group Action as an example, they have already been issued with a  provisional fine in the sum of £183m from the ICO. They’re also facing a potential compensation pay-out in the sum of £3bn for the victims as well.

With these high-profile examples and the fact that GDPR makes the law and duties clear, we’re incredibly concerned as to how this data breach that has hit Missoma has occurred. Although we don’t know the full extent of what has gone on, it’s clear to us that the previous incidents and the GDPR should mean that there are absolutely no excuses for organisations being hit by these kinds of cyberattacks nowadays.

Can victims claim compensation?

Victims of the Missoma data breach could be entitled to bring a claim for compensation. A legal case can be built from the loss of control of personal information; any financial losses suffered; or even for the mere fact that they have been affected by the breach in the first place.

As a specialist data breach law firm, we’re now involved with over 30 different group and multi-party actions. In the BA Group Action, by order of the High Court of Justice, we have been appointed to the Steering Committee that’s responsible for the overall conduct of the litigation.

We have been fighting for the rights of data breach victims for far longer than most other firms, which is why we’re often in the mainstream media discussing issues and providing valuable insights.

You can speak to our team today  for free, no-obligation advice about whether we can assist you with a No Win, No Fee legal case for compensation.

Social Care records data breach

NHS data breaches and technology