Probe launched as 70,000 have their credit card details hacked
CREDIT card details of more than 70,000 SuperValu and Axa Insurance customers have been accessed by criminals.
A team of investigators from the Data Protection Office will today begin enquiries at the offices of LoyaltyBuild – the company which operates a loyalty holiday club on behalf of the firms.
And Data Protection Officer Billy Hawkes is warning that criminals involved have the information needed to use the credit cards of people affected by the data breach.
He told RTE's Morning Ireland: "We were told about the original issue last week but we were updated and told the situation was more serious because we now know the criminals involved have all the information needed to use the credit cards of the people concerned to make purchases.
"That is why we need to send in our inspection team. We need to find out for ourselves if more action is needed to be taken."
Last week, SuperValu warned 62,500 holiday scheme customers that their banking information may have been accessed by a third party.
The programme has since been suspended and the data protection commissioner was informed of the leak – but at the time SuperValu said it was not aware of any breaches of financial information.
A statement by SuperValu is warning customers that Loyaltybuild had advised the Data Protection Commissioner that the security breach of its system "is more extensive than it first anticipated".
The statement added: "Based on this latest information from Loyalty Build, SuperValu are contacting Getaway Breaks customers that there is a high risk that an unauthorised third party accessed the details of payment cards used to pay for Getaway Breaks between January 2011 and February 2012."
The company confirmed customers who made bookings during this period have been told to contact their bank or financial institution as soon as possible.
They have also been advised to immediately check the transactions on their payment cards for any suspicious activity.
And the firms have warned them to treat any unsolicited communication claiming to represent SuperValu Getaway Breaks or Loyalty Build with extreme caution.
Axa Ireland has confirmed financial data on its 8,000 customers was also compromised in the breach.