High Street retailer Office suffers data breach

Shoe retailer confirms security breach has resulted in some online shoppers' data being compromised

Password login page

High Street shoe retailer Office has suffered a security breach resulting in customer email addresses and account passwords being compromised, the company has confirmed.

The breach occurred after an attack against one of its servers, and has resulted in customers with online shopping accounts created prior to August 2013 needing to change their passwords.

The hackers were also able to access the names, addresses, phone numbers and birth date of Office customers, it revealed.

Our customers remain our number one priority and we are taking all necessary measures to ensure that our website remains secure.

As a precaution, all affected customers have had their account passwords reset, and will need create a new one the next time they visit the site.

The company has emailed those affected, with the missive revealing that it was first made aware of a potential breach on 22 May and later confirmed it on 26 May after an "extensive" investigation.

"Unfortunately, we have been the subject of a security breach resulting in unauthorised access to your account," the email reads.

"We can confirm that no credit card, debit bard, PayPal or bank details were compromised in any way. "

To guard against customers falling victim to follow up phishing attacks, the missive states that users will not be sent an email with a password reset link from the company until they go to the site and request one.

Furthermore, it also states that Office will not contact customers by phone about their password.

"We are sorry that this has happened and we would like to thank you for your continued support and understanding," it concludes.

The company reportedly has 153 stores around the world, and was founded in 1981.

In a statement to IT Pro, the company confirmed that it has reported the breach to the "relevant authorities".

"We take such a threat very seriously and have been in communication with our customers to advise them of the matter. We can confirm that no credit card, debit card, Paypal or bank details were compromised in any way," it states.

"The protection of customer data is of the utmost importance to us and we are treating this extremely seriously. Our customers remain our number one priority and we are taking all necessary measures to ensure that our website remains secure."

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

What is hacktivism?
hacking

What is hacktivism?

13 Oct 2020
Microsoft: Iranian hackers are exploiting ZeroLogon flaw
Security

Microsoft: Iranian hackers are exploiting ZeroLogon flaw

6 Oct 2020
The Ritz suffers data breach after hackers pose as staff
data breaches

The Ritz suffers data breach after hackers pose as staff

17 Aug 2020
Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020

Most Popular

How Liberty navigated a site relaunch during a pandemic
Sponsored

How Liberty navigated a site relaunch during a pandemic

8 Oct 2020
Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Politicians need to stop talking about technology
Policy & legislation

Politicians need to stop talking about technology

21 Oct 2020