This site is intended for health professionals only

Home / News / Up to 20,000 Superdrug online customers’ details targeted by hacker

Up to 20,000 Superdrug online customers’ details targeted by hacker


By Beth Gault
Editor-in-chief

22 Aug 2018

Around 20,000 Superdrug online customers may have had their personal details – including names and telephone numbers – stolen, the multiple has warned.

The company said it was contacted on the evening of 20 August by a hacker who claimed to have obtained ‘a number of our customers’ online shopping information’, and was ‘seeking a ransom’.

According to Superdrug, the hacker said they had information on approximately 20,000 customers, with the ‘possible disclosure’ including names, addresses, dates of birth and telephone numbers. The information did not include payment information, the company stressed.

However, the multiple said this had not been confirmed as it had only seen evidence of 386 accounts being hacked. These 386 accounts were shared by the hacker as proof of the attack, but were all accounts that had been attained in previous hacks unrelated to Superdrug, it said.

‘No evidence’ of breach

The multiple also said there was ‘no evidence’ of a breach in the Superdrug systems. The multiple believes the hacker obtained the details from other websites and then used those to access accounts on Superdrug.com, it said.

A Superdrug spokesperson said: ‘We have worked with our independent IT security advisors who have confirmed that there have been no signs of a hack of our systems – for example, there has been no mass data download or extraction from our systems.’

Superdrug has communicated with its online customers to explain what has happened and advise that they change their passwords online. The multiple has also contacted the Police and Action Fraud, the UK’s national fraud and cyber-crime arm and would be ‘offering them all the information they need’ to investigate, it said.

 

Difficulty logging in to site

 

Due to the volume of people trying to change their passwords, some customers had difficulty logging into the site.

Superdrug said they were aware of the issue and apologised for the inconvenience. They tweeted: ‘We appreciate this is very frustrating and we are doing everything we can on this’.

 


Want news like this straight to your inbox?


Latest News

A pharmacist looking at a tablet screen
Pharmacies to expect an extra 275,000 CPCS referrals due to algorithm review
Community pharmacies can expect to receive more referrals from NHS 111 for the Community Pharmacy...
Lateral flow test
Covid self-isolation can end five days after positive test
From today, people who have tested positive for Covid can now end their self-isolation after...
declaration of emergency
Exclusive: Government considers extending pharmacy declaration of emergency
The declaration of emergency which allows the flexible provision of pharmaceutical services may be extended...