Energy firm Npower has closed down its app following an attack that exposed some customers’ financial and personal information. Contact details, birth dates, addresses, and partial bank account numbers are among the details believed stolen. The firm did not say how many accounts were affected by the breach, which was first reported by MoneySavingExpert.com.
But the affected accounts had been locked, Npower had said.
“We identified suspicious cyber-activity affecting the Npower mobile app, where someone has accessed customer accounts using login data stolen from another website. This is known as ‘credential stuffing’,” the firm said in a statement.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
