The Irish loyalty programme firm, Loyaltybuild have been hit by a hack attack which saw the loss of 376,000 customer full credit card details.
According to investigatory results by the Office of the Data Protection Commissioner (ODPC), credit card and – contrary to all payment storage rules – CVV details were held unencrypted on Loyaltybuild’s systems in the run-up to attacks in the middle of October.
CVV is the card verification value – three digits which can be found on the back of a card and are used to prove that the online customer has physical possession of the card. However, Loyaltybuild are yet to confirm that this may have been an error on their part.
The ODPC found that a further 1 million people had their personal details stolen. Loyaltybuild have acknowledged the security breach to be at the hands of criminal cyber gangs.
Irish banks AIB and TSB have already confirmed that they have uncovered potential evidence of card fraud which is directly linked to the Loyaltybuild breach.