Cotton Traders web site hack loses thousands of credit card details

The data theft from the British clothing retailer Cotton Traders has yet again raised questions about security and data policy.

Hackers have stolen the credit card details of up to 38,000 customers from clothing firm Cotton Traders after its website was hacked, according to reports.The attack occurred in January, resulting in the company referring the issue to Barclaycard and calling in industry security experts. Cotton Traders said that all card details were encrypted, with most cards stopped in the same month of the attack.The firm said in a statement: "Earlier this year we identified a security issue. We immediately brought in security experts to resolve the problem.

"We would like to reassure all our customers that their data is secure and that the Cotton Traders website meets all leading industry security standards."APACS, the trade association for the payment industry, said the attack was serious because hackers accessed details which could be used for card not present' fraud. It said a specialist police unit was working on the case.The company has not issued individual notifications for the customers affected and has said that anybody concerned about the attack should talk to their card provider. However, some security experts say this is not enough.Security vendor Symantec, in association with Ipsos MORI, recently commissioned a survey which claimed that 96 per cent of the general public would want to be notified if their details were lost by an organisation. 85 per cent said bank account details were a priority."Although most data breaches are accidental, the lost of personal data can have a huge negative impact on an organisations reputation. However, in this case, the breach was intentional and the company didn't notify the affected customers to the security hacking," said John Turner, vice president for EMEA Presales at Symantec.Turner said that data breach notification legislation would be an important step to increase levels of data security."[It would] ensure that organisations are aware of their requirements and obligations to disclose to customers when personal data has been lost or stolen."The reports come only days after a Home Affairs committee said that the government needed to make sure that it kept the data it held about people to a minimum.The Information Commissioner agreed with their view, and also said it was a priority that organisations were forced to undergo privacy impact assessments to make sure they were handling data properly.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

Lookout reveals mobile-first endpoint detection and response solution
Security

Lookout reveals mobile-first endpoint detection and response solution

21 Oct 2020
Cisco finds an increase in security concerns due to remote working
Security

Cisco finds an increase in security concerns due to remote working

21 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020
'Robin Hood' hackers donate stolen Bitcoin to charity
ransomware

'Robin Hood' hackers donate stolen Bitcoin to charity

21 Oct 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020