UK Clothing Retailer Breached, Tells Customers Not To Disclose It

By   ISBuzz Team
Writer , Information Security Buzz | Mar 26, 2021 03:00 am PST

Researcher Troy Hunt is sharing that UK retailer FatFace has been breached, and contrary to GDPR requirements, was slow to report it. Moreover, it has advised both customers and employees that stolen card data can’t be used illegally because there was only partial data stolen. In an email sent to thousands of customers, they requested customers “keep this email and the information included within it strictly private and confidential.” Gurucul offers perspective.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Saryu Nayyar
Saryu Nayyar , CEO
March 26, 2021 11:01 am

<p>The breach of UK clothing retailer FatFace is interesting more for their response than the incident itself. While the data stolen was limited, it would still be useful to attackers. Their response to customers included an advisory to keep the incident in confidence. That is unusual and would seem to fly in the face of the UK\’s data protection laws. While a business might suffer a hit to their reputation after a breach, it is guaranteed to suffer a greater hit if they try to conceal one. Customers and the general public appreciate transparency and it goes a long way to restoring trust after a cybersecurity incident.</p>

Last edited 3 years ago by Saryu Nayyar

Recent Posts

Would love your thoughts, please comment.x