Play.com hit by security breach
By Nicole Kobie
Posted on 22 Mar 2011 at 09:25
Play.com has admitted a security breach has leaked customer details.
The online retailer emailed customers last night, warning that its marketing company had suffered a security breach.
"Unfortunately this has meant that some customer names and email addresses may have been compromised," the email said.
"Please be assured this issue has occurred outside of Play.com and no other personal customer information has been involved," it added.
Play.com advised users to be "vigilant" with their email, and asked users to forward "anything suspicious" to privacy@play.com for investigation.
The email list is apparently already being used to target customers with phishing scams, according to reports in forums.
Update: A spokesperson for Play.com said the breach only leaked email addresses, not any credit cards, addresses, or passwords, which are held separately from marketing data.
"We believe this issue may be related to some irregular activity that was identified in December 2010 at our email service provider, Silverpop," CEO John Perkins said in a statement. "Investigations at the time showed no evidence that any of our customer email addresses had been downloaded."
"Play.com has taken all the necessary steps with Silverpop to ensure a security breach of this nature does not happen again," he added.
From around the web
Forwarned is forarmed
Yep.I got an email this morning.Fair play to them for letting their customers know as soon as they could.Not that i ever open unsolicited junk mail anyway.
By Jaberwocky on 22 Mar 2011 
Honesty is the best policy
I commend Play for owning up. I have had email details leaked by other companies who deny there's a problem.
By Stiggy on 22 Mar 2011
At least we know, but...
... WTF? Another laptop left on a train or somesuch? Absolutely no excuse for that. Hacked? Unlikely unless they've been slack.
Without more information I can't feel any sympathy.
By neils_den on 22 Mar 2011
Really??
"Please be assured this issue has occurred outside of Play.com and no other personal customer information has been involved,"
So the first question is why is customer data leaving Play.com in the first place - have they not heard of the data protection act?
By everton2004 on 22 Mar 2011
And if you didn't get an email?
I didn't get an email so thought I'd check the website, nothing obvious so logged into my account thinking that's when I'd see some warning but nothing. I wonder can I assume I was not included in the breach?
By Wphil2 on 24 Mar 2011
I Hope That Silverprop Is Sacked
I hope Play.com sack (stop using Silverprop) as there marketing company. As has been said before why outsource email delivery? It is very bad practice!
By dmoriarty2 on 24 Mar 2011
advertisement
- Why is email so ugly?
- Is Apple right to leave old Macs stranded on Mountain Lion?
- Has BT given up on rural broadband?
- Is Hotmail's spam filtering really the "best in the business"?
- What Size Am I? A tech solution for a fashion problem
- Chrome's shine getting lost in translation
- BytePac: the cardboard hard disk enclosure
- How tech loosens our grip on reality
- Hokum watch: Safer Internet Day
- Why I'm deleting Adobe from my PC
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
- Can you send a truly anonymous email?
- Is it safe to send bank details over email?
- Sainsbury's Bank bans password storage
- MobileMe triggers credit card blocks
advertisement
Printed from www.pcpro.co.uk