A email addresses, phone numbers and shipping addresses.

A report for the news
article written on 9 May 2016 published by the BBC (British Broadcasting
Corporation) “Kiddicare customer data stolen from ‘test’ website”.

Kiddicare a British parenting retailer that trades online and
known for selling pushchairs, car seats and more suffered from malicious
hacking and warned that about 794, 000 customers have been affected. The data
breach exposed personal information of its customers including names, email
addresses, telephone numbers and delivery addresses. The company emphasized
that no payment details have been compromised as Kiddicare does not process or
store credit card information. The company became aware of the data breach
after customers who received suspicious text messages from a website claiming
to be a subsidiary of Kiddicare.com reported the matter to the company. The
hackers sent the text message to a small number of customers to take part in an
online survey.

Areas of information to
which it relates.

As described by Trend Micro, data breach is an incident where
confidential information is stolen from a system without the knowledge or
authorisation of the organisation or individual that owns the information or
data. Data breach is common to both small and large organisations. Stolen data
from Kiddcare test site included customer names, email addresses, phone numbers
and shipping addresses.

Companies that suffers data breach mostly suffers from bad reputation
due to a perceived betrayal of trust. Companies and individuals suffer
financial and reputation losses due to data breaches. This is common if
financial records are compromised rather than just personal name and phone
numbers and so on. Kiddicare emphasised that they do not store or process
credit card information therefor no customer financial data was compromised. In
this situation the risk of reputation or financial loss is minimum.

Malicious hacking or malware attacks are the root causes of data
breach in most cases. A good example is Kiddicare data breaching which was as a
result of hacking. In the case of Kiddcare the breach was attributed to hacking
of test website that was used in November 2015 according to information that
was provided by a security company.

Phishing can
be described as a form of social engineering in which fraudsters uses emails,
phone or malicious websites to trick Internet users into submitting personal
confidential information by posing as a trustworthy individual or organisation.
Malicious hackers use phishing to obtain personal information which they will
use to defraud unsuspecting people. According to Graham Cluley on his twitter account
(May 9, 2016), “One clear risk is that Kiddcare customers might be contacted by
fraudsters pretending to be the baby specialist retailer, in an attempt to
trick unsuspecting consumers into handing over payment information”.

Phishing
is one of the most used forms of identity theft, it is
important for customers or internet users to become familiar with various types
of phishing scams that are used by attackers as well as to learn how to guard
against them.

Why this is an issue of note  

 

BACK TO TOP