Footwear Chain Office Hacked, Customer Data Compromised

High street footwear retailer Office admitted that hackers had recently breached its website. It said no financial information was compromised, but the attackers managed to gain access to customer details including names, physical addresses, phone numbers, email addresses and passwords.

The company has asked customers to change their passwords, which were apparently stored unencrypted. It refused to tell TechWeekEurope just how many users were affected by the breach.

Last week, eBay revealed it had become victim of a similar incident, in which hackers were able to access customer data. It subsequently reset passwords for around 128 million accounts. The company was criticised for the lack of adequate protection and slow response time, and is now facing investigations by the UK’s Information Commissioner’s Office (ICO) and the local authorities of at least three different American states.

A familiar tune

Office, which operates 153 shops around the world, has sent out emails in which it apologised to customers, and asked them to change their passwords. The company said it was first made aware of a potential breach on 22 May and confirmed it after an extensive investigation on 26 May.

Echoing eBay’s warnings made last week, Office asked customers to also change login credentials on other websites where they used the same password.

“Only accounts created prior to August 2013 have been affected, but the information does include name, address, phone number, email address and the password to your OFFICE account,” said the email.

Customers have criticised Office for failing to provide any information on the website, seeing it as an attempt to play down the breach. At the time of publication, the website still didn’t display a notice, while the firm’s press office refused to provide any information not already included in the official statement.

“The protection of customer data is of the utmost importance to us and we are treating this extremely seriously,” said CEO Brian McCluskey. “Our customers remain our number one priority and we are taking all necessary measures to ensure that our website remains secure.”

Meanwhile, the email claimed that the company has “taken the necessary measures” to secure customer data. These statements seem to contradict the fact that such important information was left unencrypted.

Although the attack doesn’t immediately threaten customer credit cards or PayPal accounts, the data could be used for unsolicited marketing and phishing attempts, so Office customers with older accounts are advised to be extra careful online in the coming months.

“Given how prevalent such hacks are becoming I think brands need to offer assurances about the measures they take to protect customer data,” commented Charles Sweeney, CEO of security company Bloxx. “The success of ecommerce is based on consumers trusting the site that they are transacting with and companies are on the verge of that trust being eroded. Once it is gone it will be very hard to get back.”

How well do you know network security? Try our quiz and find out!

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago