Ireland’s Data Protection Commissioner issues statement on Loyaltybuild data breach
The Office of the Data Protection Commissioner (ODPC) has received a preliminary report on the findings of its inspection team following an inspection today at Loyaltybuild, the company at the centre of the recent data breach. The inspection team confirmed the extent of the breach in which the full card details of over 376,000 customers were taken of which over 70,000 were Supervalu Getaway customers and over 8,000 were AXA Leisure Break customers. The details of an additional 150,000 clients were potentially compromised. The inspection team also confirmed that name, address, phone number and email address of 1.12m clients were also taken. The initial indications are that these breaches were an external criminal act.
The ODPC will assess fully the findings of the inspection and will be making a number of recommendations to Loyaltybuild. A follow up inspection will also be carried out.
The ODPC reiterated the importance of the responsible parties notifying all of the clients affected in addition to the financial institutions which issued the affected cards.
The ODPC continues to warn customers to be vigilant in relation to their accounts and to report any suspicious transactions to their card company. Clients should also be vigilant in relation to suspicious communication of any kind which they receive.