DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

Toys ‘R Us asks loyalty card holders to change passwords

Posted on March 8, 2015 by Dissent

Susan Tampor writes:

I received a “Security Update” last week via e-mail regarding the rewards program that I signed up for several years ago at Toys R Us.

Given all the scams, I wondered whether this notice was some kind of trick. But it was legitimate.

[…]

Kathleen Waugh, vice president of corporate communications for Toys R Us, confirmed in an e-mail that no points were lost for customers.

She said the retailer sent the security update e-mail to a “small percentage” of Rewards R Us members requesting a password change.

“We suspect this activity was due to large breaches at other companies — not Toys R Us — where user log-in names and passwords were stolen and then used for unauthorized access to other accounts, such as Rewards R Us accounts, where a user may use the same log-in name and/or password,” according to the e-mail sent to some rewards members.

Toys R Us said it was able to identify an attempt to gain unauthorized access to a small percentage of the rewards accounts from Jan. 28 to Jan. 30.

Read more on WCNC.

Related Posts:

  • Rewards "R" Us members notified of forced password reset
  • Sony notifies 5000 customers of credit card breach
  • Ukrainian Hackers Spend $25,000 of Russian Funds on Sex Toys
  • Radisson Rewards confirms data breach
  • Hyatt Gold Passport notifies a small number of…

Post navigation

← Possible ISIS group hacks into 2 local websites
IRS’s Top Ten Identity Theft Prosecutions →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)
  • Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
  • CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)
  • Seeking clarification on Maine’s data breach notification statute
  • East River Medical Imaging notifies 605,809 patients of breach
  • Russian hackers exploiting Outlook bug to hijack Exchange accounts
  • Britain dismisses report claiming Sellafield nuclear site hacking, says no malware exists on our system
  • 23andMe data breach: Hackers accessed data of 6.9 million users

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net