About 6,700 ESB customers affected by huge data breach
Information relating to loyalty scheme in 2007-2008 was on compromised Loyaltybuild systems
The online attack that has seen the banking and personal details of up to 1.5 million people across Europe being breached will lead to a difficult and complex criminal investigation, Garda Commissioner Martin Callinan has said.
The personal information of about 6,700 ESB customers is now known to have been included in a massive data breach affecting the Loyaltybuild company in Ennis, Co Clare.
Electric Ireland confirmed it had been informed by Loyaltybuild that the data breach had affected ESB customers who participated in a loyalty scheme run by the ESB in 2007 and 2008.
In total, about 1.5 million people across Europe have had their personal details compromised in the breach, including 80,000 Supervalu customers and 8,000 Axa customers.
In an update this evening, the Data Protection Commissioner said the latest affected data related to customer contact details of approximately 6700 ESB customers including name, address, phone number, email and a booking reference.
“ It is understood that financial data are not involved,” the office said..
Electric Ireland will be notifying affected customers.
The commissioner said customers should be vigilant about any unsolicited communications which may result from the data breach.
The commissioner sent investigators to the Ennis firm yesterday to investigate the breach. It is likely the office will examine, amongst other issues, why Loyaltybuild retained personal data relating to a 2008 loyalty scheme until as recently as last month.
Meanwhile, Garda Commissioner Martin Callinan said the online attack that has seen the banking and personal details of up to 1.5 million people across Europe being breached will lead to a difficult and complex criminal investigation because those responsible were most likely based outside the State.
However, the international nature of the crime would not frustrate the Garda’s cyber crime investigators in their efforts to catch those respand complex’ onsible, with many cases in the past involving crime syndicates overseas.
Some 80,000 Supervalu customers who bought its Getaway breaks between January 2011 and February 2012 have been hit as have 8,000 who took advantage of Axa’s leisure break rewards programme.
The Data Protection Commissioner’s office is investigating the breach and said it appeared to have happened in mid-October.
“These customers - who should by now have been notified directly by Supervalu and Axa - should examine their card transactions since mid-October to identify any such transactions that they did not authorise,” the commissioner’s office said.
“They should also follow the advice of their card provider on any further precautions that might be necessary to protect themselves.”
The office said the balance of the approximately half-million other cards that may have been affected by this breach relateed mainly to loyalty schemes operated by Loyaltybuild on behalf of companies based in other European countries.
ESB Customer Supply, which used Loyaltybuild for some marketing schemes “four or five years ago” confirmed today it had contacted the company to seek assurances that its customers were not affected by the breach.
Mr Callinan said that despite the criminal investigation now underway into the attack on the Co Clare based company providing customer loyalty scheme services to retailers across Europe, Irish consumers needed to take their own precautions.