Savvy customers looking to snap-up a bargain from high-street broker Ramsdens have been given a raw deal after it was revealed – two weeks into July – that the company had been hit by a cyber-attack at some point in June. According to an email issued by Ramsdens on 14th July, potentially affected customers are those use who use its click-and-collect and travel card services. The attack compromised personal information, including names, dates of birth, postal addresses, phone numbers and hashed passwords.
However, the email also attempted to assure customers that payment details were not compromised as card information is not stored on the site. This guarantee was accompanied with an apology: “We are very sorry. The protection of your personal information is a priority for us and we want to assure you that we are doing everything we can to minimise any risk. Whilst at this stage there is no evidence that any of your details have been extracted, we wanted to make you aware of the situation and act in a wholly transparent manner.”
While a spokesperson confirmed that the attack had taken place in June, some consumers were only emailed on Friday the 14th of July – meaning that the loss of customers’ personal data could have happened up to six weeks prior. The email also urged online costumers to change their passwords as soon as possible if the same password is associated with other accounts, such as banking. A hotline has been created by the company for consumers who are worried that they may have been affected by the breach.
When reached for comment, Ramsdens said to DIGIT: “We can confirm that we have responded to unauthorised access of our IT systems by a third party. We have been working with a team of experts who have assisted us to take the necessary steps to secure our systems.” Anyone who believes they may have been a victim of the attack can call the Ramsdens’ fraud hotline on 0808 189 3398 from Monday to Friday and between 08.00am and 17.00pm.