Sweaty Betty has warned customers that their personal data, including credit card details, may have been compromised after it fell victim to a cyber-attack.
The womens sportswear retailer emailed its customers informing them that a third party had gained unauthorised access to its platform.
Hackers are understood to have installed code onto Sweaty Betty’s website which captured personal and credit card data input during the checkout process between November 19 and 27.
— Liz T (@Elizabe05203242) December 3, 2019
@sweatybetty having to replace my credit card 3 weeks before Christmas due to a security breach in your transactions is not exactly convenient! At least 5 working days for a new one to come! #annoyed #totallynothappy!
— Valerie Huggins (@valhuggins) December 3, 2019
I just cancelled my card to be on the safe side. Not impressed, it was my first time ordering, so not the best experience!!
— Emma (@emmagandie) December 3, 2019
Though customers who already had their data saved on the platform were reportedly safe, the retailer warned that anyone inputting their data for the first time risked exposing their name, password, billing address, delivery address, email address, telephone number, card number, CVV number and expiry date to hackers.
The incident has been reported to police and the Information Commissioners Office (ICO), and Sweaty Betty says its website is now “completely secure”.
Customers who believe they have been affected by the attack have been directed to contact firstname.lastname@example.org with any questions regarding the attack.