This site is intended for health professionals only

Home / News / Up to 20,000 Superdrug online customers’ details targeted by hacker

Up to 20,000 Superdrug online customers’ details targeted by hacker


By Beth Gault
Editor-in-chief

22 Aug 2018

Around 20,000 Superdrug online customers may have had their personal details – including names and telephone numbers – stolen, the multiple has warned.

The company said it was contacted on the evening of 20 August by a hacker who claimed to have obtained ‘a number of our customers’ online shopping information’, and was ‘seeking a ransom’.

According to Superdrug, the hacker said they had information on approximately 20,000 customers, with the ‘possible disclosure’ including names, addresses, dates of birth and telephone numbers. The information did not include payment information, the company stressed.

However, the multiple said this had not been confirmed as it had only seen evidence of 386 accounts being hacked. These 386 accounts were shared by the hacker as proof of the attack, but were all accounts that had been attained in previous hacks unrelated to Superdrug, it said.

‘No evidence’ of breach

The multiple also said there was ‘no evidence’ of a breach in the Superdrug systems. The multiple believes the hacker obtained the details from other websites and then used those to access accounts on Superdrug.com, it said.

A Superdrug spokesperson said: ‘We have worked with our independent IT security advisors who have confirmed that there have been no signs of a hack of our systems – for example, there has been no mass data download or extraction from our systems.’

Superdrug has communicated with its online customers to explain what has happened and advise that they change their passwords online. The multiple has also contacted the Police and Action Fraud, the UK’s national fraud and cyber-crime arm and would be ‘offering them all the information they need’ to investigate, it said.

 

Difficulty logging in to site

 

Due to the volume of people trying to change their passwords, some customers had difficulty logging into the site.

Superdrug said they were aware of the issue and apologised for the inconvenience. They tweeted: ‘We appreciate this is very frustrating and we are doing everything we can on this’.

 


Want news like this straight to your inbox?


Latest News

Government appoints Maggie Throup as new pharmacy minister
Maggie Throup has been appointed as the new parliamentary under-secretary of state for prevention, public...
Covid symptoms
Failure to update Covid symptom list ‘is killing people’, leading researcher warns
The Government’s out-of-date advice on Covid symptoms that should trigger a PCR test could be...
pharmacies booster vaccine
LloydsPharmacy and Boots confirm branches will deliver booster vaccines
An additional 11 of LloydsPharmacy’s 1,400 stores in the UK have been commissioned to deliver the Covid booster jab, the...