Play.com warns of customer e-mail security breach Skip to main content

Play.com warns of customer e-mail security breach

A screenshot of Play.com's homepage. Play.com hired a US-based marketing firm to handle email communications with customers.

Related Stories

Play.com has warned its customers to "be vigilant" after a security breach led to some personal information being compromised.
The retailer, which sells music, videos and games, blamed another company that it employs to do marketing.
It said that no payment details were stolen, but asked users to beware of spam e-mails containing harmful links.
The company has apologised saying it had "taken every step to make sure this doesn't happen again".
In a statement, Play.com's chief executive John Perkins said: "On Sunday 20 March some customers reported receiving a spam e-mail to e-mail addresses they only use for Play.com."
"We believe this issue may be related to some irregular activity that was identified in December 2010 at our e-mail service provider, Silverpop.
"Investigations at the time showed no evidence that any of our customer e-mail addresses had been downloaded.
"We reacted immediately by informing all our customers of this potential security breach in order for them to take the necessary precautionary steps."
The retailer, which operates out of Jersey, said that all of its customers had now been warned to be cautious of e-mails appearing to come from Play.com.
It has also requested that any suspicious messages be forwarded to privacy@play.com.
Cyber attack US-based firm Silverpop was employed by the site in 2008 to manage e-mail marketing and communications.
Silverpop's manager of corporate communications, Stacy Kirk, told the BBC that the only security issue it had been affected by happened last year, and that it had notified all affected clients at the time.
"Silverpop was among several technology providers targeted as part of a broader cyber attack that occurred in the fall of 2010," she said.
"At that time, we very quickly stopped the attack, notified all customers impacted by the activity and began working with the FBI, law enforcement and third party security experts to help identify those responsible and take any additional steps necessary to ensure this did not happen again.

Start Quote

On behalf of Play.com, I would like to once again apologise to our customers for any inconvenience due to a potential increase in spam that may be caused by this issue.”
End Quote John Perkins CEO, Play.com
"We are confident that the breach last year remains an isolated incident."
Ms Kirk would not confirm that Play.com was among those contacted due to client confidentiality.
Some users on Twitter and in discussion forums have reported an increase in spam e-mail to accounts signed up to Play.com, with some of these e-mails containing links to websites containing malware.
Phishing scams are designed to trick users into believing they are sharing data with a company that they trust, and giving out personal information such as a credit card details.
However, it cannot be confirmed that the e-mails were sent as a result of the data breach at Play.com.
No notice Some customers who received Play.com's warning e-mail questioned its validity as it did not refer to them by name.
Play.com's website currently contains no notice or guidance about the breach.
Many users have also complained that it is currently not possible to manually remove credit card details from the site.
Paul Vlissidis, technical director of IT security firm NGS Secure, said that such situations are a major concern for retailers and their customers.
"Online businesses, even those of Play.com's size, cannot afford the loss of reputation and customer trust that negligence of this type causes," he said.
"While it is a weakness in the security of a third party that has allowed this data breach, it is the responsibility of all organisations dealing with personal customer data to ensure comprehensive security audits have been carried out in all areas of outsourced work."
Mr Perkins has moved to re-assure customers that other data kept with Play.com is safe.
"We would also like to reassure our customers that all other personal information (i.e. credit cards, addresses, passwords, etc.) are kept in the very secure Play.com environment.
"Play.com has one of the most stringent internal standards of e-commerce security in the industry.
"On behalf of Play.com, I would like to once again apologise to our customers for any inconvenience due to a potential increase in spam that may be caused by this issue."

http://www.bbc.co.uk/news/technology-12819330
Labels:

Comments

Post a Comment

Popular posts from this blog

Thai penis whitening trend raises eyebrows

Image copyright LELUXHOSPITAL Image caption Authorities warn the procedure could be quite painful A supposed trend of penis whitening has captivated Thailand in recent days and left it asking if the country's beauty industry is taking things too far. Skin whitening is nothing new in many Asian countries, where darker skin is often associated with outdoor labour, therefore, being poorer. But even so, when a clip of a clinic's latest intriguing procedure was posted online, it quickly went viral. Thailand's health ministry has since issued a warning over the procedure. The BBC Thai service spoke to one patient who had undergone the treatment, who told them: "I wanted to feel more confident in my swimming briefs". The 30-year-old said his first session of several was two months ago, and he had since seen a definite change in the shade. 'What for?' The original Facebook post from the clinic offering the treatment, which uses lasers to break do...
1 comment
Read more

Ancient Rakhine City of Mrauk-U Proposed for UNESCO World Heritage Site

The Irrawaddy YANGON—Myanmar’s Ministry of Religious Affairs and Culture submitted the final draft of its nomination for Mrauk-U to become a World Heritage Site to UNESCO on Monday, four months after the ministry submitted the first draft of its nomination in September 2019. If the application succeeds, Mrauk-U will be the third place in Myanmar to be inscribed as a UNESCO World Heritage Site, after the ancient cities of Bagan and Pyu. Mrauk-U is located in northern Rakhine State, around 60 km from the state capital of Sittwe. The ancient city was the seat of Arakanese kings from the 1400s until the late 1700s. At the height of their power, they controlled an area covering large parts of eastern Bengal, modern-day Rakhine State and the western part of central Myanmar. Much of the city’s remains are well-preserved and some 380 historic temples are scattered between the lush hills of northern Rakhine. Mrauk-U Heritage Trust chairwoman Daw Khin Than told The Irrawaddy on Tue...
1 comment
Read more

Sri Bhaddanta Chandramani Mahathera

The Life Story of A Distinguished And Outstanding Bhikkhu The Most Venerable Saradawpharagree Sri Bhaddanta Chandramani Mahathera The Buddhist missionary Saradaw Ashin U Chandramani was endowed with great gifts and led a famous and long life. He was a very well known, distinguished and outstanding Bhikkhu Mahathera. While living in the Kushinagar Monastery, a place close to where the Lord Buddha had passed away to Nirvana, the Government of India had offered, and he had accepted, the highest, most honourable and respected title "Guru Guru MahaGuru". He became the first ever President of all Buddhists in India.A World Buddhist Conference took place in Kathmandu during the reign of King Mahindra of Nepal. The Conference was very well attended by over one hundred thousand Buddhists from various parts of the world and it was opened by King Mahindra himself. As requested by the King, Saradawpharagree blessed all the participants with the power of Triple Gems...
Post a Comment
Read more