Superdrug are the latest online retailer to be targeted by hackers and are in the process of sending out the following email to online shoppers :
You can change your password HERE*
We respect the privacy of your personal information, which is why we are writing to advise you of an event that resulted in the possible disclosure of your personal data, but not including your payment card information.
On the evening of the 20th of August, we were contacted by hackers who claimed they had obtained a number of our customers’ online shopping information. There is no evidence that Superdrug’s systems have been compromised. We believe the hacker obtained customers’ email addresses and passwords from other websites and then used those credentials to access accounts on our website. The hacker claims that they have obtained information on approximately 20,000 customers but we have only seen 386.
Customers’ names, addresses and, in some instances, date of birth, phone number and points balances may have been accessed. In line with good security practice, we are advising you to change your Superdrug.com password now and on an on-going, frequent basis.
We have contacted the Police and Action Fraud (the UK’s national fraud and cyber-crime arm) and will be offering them all the information they need for their investigation as we continue to take the responsibility of safeguarding our customers’ data incredibly seriously.
CEO of Superdrug