School payments service Wisepay has suffered a data breach after hackers reportedly gained entry into their database and modified a page so they could steal payment details.
The Wisepay data breach is understood to have occurred on the 2nd October 2020 and lasted for over two days.
Breaches of this kind that can expose customers’ payment details can be highly serious. Victims could be targeted for fraudulent payments, meaning that they may have to suspend their cards and monitor their accounts for suspicious activity. If fraudulent attempts are made, victims may have suffered financial loss before attempting to reclaim the money.
About the Wisepay data breach
The Wisepay data breach reportedly occurred between the evening of 2nd October and 10am on 5th October. We understand that hackers were able to gain access to their system and modified a payment page so it redirected customers to an external payment page, controlled by the hacker(s).
The page was ‘spoofed’ to look like a legitimate Wisepay website. In reality, it was a page controlled by the hackers. It meant that anyone inputting card payment details on the ‘spoof’ website was actually giving their details to a cybercriminal.
Wisepay took down the page as soon as the breach was discovered, but it is thought that attempted payments were made across around 300 schools over the course of the weekend. Wisepay has said that, as the system does not require daily payments, only a small number of parents should have been affected.
Victims warned to cancel payment cards
The Wisepay data breach has been reported to the Information Commissioners Office (ICO) and they are investigating exactly how many people may have had their card details stolen in the cyberattack. They are also working with a ‘cyber forensic agency’ to investigate the cyberattack further.
Wisepay, in a letter to schools, warned parents who thought they could have been affected to pause or cancel their payment cards. They also warned people to change any online banking passwords in a pre-emptive attempt to stop the hackers.
Wisepay has said it does not store any payment information itself and none of their own records were leaked. As such, if you did not attempt to make a payment to one of the 300 affected schools between 2nd and 5th October, Wisepay believes that it is likely you will not have been affected.
Can I make a compensation claim?
The investigation is still ongoing, but it is most likely that victims could be subject to credit card scams and fraudulent activity. If you have been told that your card was one of the ones affected in the breach, or if you have noticed suspicious activity on your account, you could be eligible to make a compensation claim.
You do not have to have lost any money to claim, as you can claim for the distress caused by the incident and the loss of control of our personal information.
We are experts in the complex area of data breach law and can help you fight for the compensation you deserve from the Wisepay data breach. We currently represent thousands of claimants across 50 different multi-party and group action claims and we are ready to help you.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.