Loyalty scheme breach 'sophisticated' operationThursday 14 November 2013 22.02
The General Manager of Loyaltybuild has apologised again to customers who have been affected by the cyber attack on the company.
The Co Clare-based company is at the centre of a major investigation after details of more than 1m people across Europe were stolen.
It was confirmed today that customers of Clery's, Centra, Postbank, Unislim Northern and Pigsback.com have been affected.
In some cases, personal details of customers have been stolen. In other cases, payment details have been compromised.
In an open letter, Peter Steenstrup said the company is committed to providing as much information as possible to customers.
However, he said because the incident is the subject of a garda investigation that the company is not permitted to discuss specific details of the breach.
Mr Steenstrup confirmed that the company has ceased taking bookings on its website and over the phone to enable external data experts to complete their investigation.
He said the investigation to date has shown that the breach was quite sophisticated and the company is working with the Office of the Data Protection Commissioner and other authorities.
In a statement, Centra said its involvement with Loyaltybuild dates to 2006 and affects 68 people.
It said the only data potentially compromised is personal data, which includes names and addresses.
Earlier this week it emerged that customers of SuperValu, AXA, ESB and Stena Line had been hit by the attack.
Both AIB and Permanent TSB have confirmed that there is evidence of possible fraud on cards that were involved in the Loyaltybuild breach.
However, neither bank could confirm that actual fraudulent activity had taken place arising from the cyber attack - the largest such compromise to date in Ireland.
PTSB said a preliminary review does indicate some likely frauds and the bank is in contact with those customers.
Similarly, AIB said its experience would be similar to that described by PTSB.
A spokeswoman said in the scheme of things it is small, with no confirmed fraud as of now.
A spokesperson for Ulster Bank said it is looking into the situation and said there is no evidence of any of its customers being affected by financial fraud at this stage.
Bank of Ireland said there was no evidence of credit card fraud with its customers.
However, a spokesperson said the bank is conducting a forensic analysis on cards caught up in the hacking.
Breach a blow to consumer confidence - IPSO
A spokeswoman for the Irish Payment Services Organisation has said the Loyaltybuild breach is a blow to consumer confidence.
However, speaking on RTÉ's Morning Ireland Úna Dillon said while there is evidence of fraud on some of the payment cards affected, they had not detected any particular fraud trend.
"We're happy today to say that certainly the fraud that has happened on cards affected didn't relate to the incident so it would suggest to me that whoever was hacking the cards was not necessarily looking for the card payment information."
Around 376,000 people had their credit card details stolen and the financial details of another 150,000 have been potentially compromised arising from the Loyaltybuild hack.
Minister for Communications, Energy and Natural Resource Pat Rabbitte said the important thing about what happened was that it was traceable fraud.
That meant consumers would not be at risk or out-of-pocket at the end of the day irrespective of whether perpetrators were brought to justice, he said.
Fianna Fáil spokesperson for jobs, enterprise and innovation Dara Calleary said the Financial Regulator needs to make a strong statement on the security breach.
He said that the drip feed of information needed to come to an end.
Loyaltybuild runs special offers and incentive schemes for major retailers, utilities and service providers in Ireland, the UK, Scandinavia and Switzerland.