26,000 customers affected by Debenhams Flowers cyber attack

Credit card details and personal data leaked following an attack on the retailer's flowers website

Tens of thousands of Debenhams customers have had their personal information compromised in a cyber attack on the company's flower website.

The hack, which the company disclosed on Friday, involved the account details of 26,000 customers, including their card information and passwords.

Debenhams Flowers, a website operated by flower and gifting supplier Ecomnova, is separate to Debenham's main website, which remains unaffected by the attack, the retailer said. The flowers website has since been suspended.

"Debenhams has taken immediate steps to minimise risk to customers affected and made contact with all those customers whose data has been accessed," the company said.

Advertisement - Article continues below
Advertisement - Article continues below

Sergio Bucher, CEO of Debenhams, added in a statement: "We take the security of data very seriously and protection our customers is a top priority for Debenhams.

"We are very sorry that customers have been affected by this incident and we are doing everything we can to provide advice to affected customers and reduce their risk."

The letter to customers reveals the attack took place between 24 February and 11 April, although victims have only now been notified. Credit card information, names, addresses, email addresses and passwords were among the stolen data.

Debenhams has notified the Information Commissioner's Office (ICO) and has said it is working with "all the relevant authorities and cyber security experts to support Ecomnova in investigating the incident".

Dr Jamie Graves, CEO at cyber security firm ZoneFox, described the hack as a key reminder for businesses to properly vet their third-party vendors.

"The hackers allegedly gained access to site operator Economova' systems using malicious software to access customers' personal and financial information. This highlights the ever-increasing importance of having 360-degree visibility over all your data flow," he said.

Advertisement - Article continues below

"Whether the data sits in your business or your partners, this 20/20 vision around your data allows businesses to monitor for risky activities."

IT Pro has approached Economova for comment.

Although it is unclear what caused the attack, a spate of recent data breaches has been blamed on password re-use. Food delivery service Deliveroo recently suffered a cyber attack, in which some users reported having as much as 600 stolen from their accounts. It is believed the hack was facilitated by the use of stolen passwords from other websites.

Debenhams has set up a customer hotline has been set up to deal with any questions regarding the hack: 0333 003 7068.

WATCH: Learn more about the security threats facing businesses today and how to combat them in this free webinar WATCH NOW

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

How to protect against a DDoS attack

25 Oct 2019
data breaches

Ex-Equifax CIO to serve four months for insider trading

2 Jul 2019

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
data breaches

Misconfigured security command exposes 250 million Microsoft customer records

23 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020

Windows 10 and the tools for agile working

20 Jan 2020