FatFace has asked customers to keep news of a hack “strictly confidential” after warning them their personal details may have been stolen.
The fashion retailer emailed customers yesterday informing them that their names, email addresses, postal addresses and partial card details may have been exposed in a cyber-attack.
According to Forbes, which first reported the story, customers were asked by FatFace to keep news of the data breach “strictly private and confidential”.
@fatface from today’s email – I seem to be missing the page with ‘sorry’ on it
— Sue Claridge (@castlehillgirl) March 24, 2021
This backfired spectacularly, seeing shoppers angry at being asked to keep it a secret take to social media to share the news.
Customers also expressed their concern that the hack had reportedly taken place two months ago, but they were only just being informed.
Furthermore, it is understood that FatFace employees were at risk of far more exposure, with one staff member telling Forbes they believe their sort codes, account numbers and National Insurance numbers may have been accessed.
In the email sent to customers, FatFace said: “On 17 January 2021, FatFace identified some suspicious activity within its IT systems.
I got the email too. Two months to let us know. 😡
— Sharon McTeir (@sharonmcteir) March 24, 2021
“We immediately launched an investigation with the assistance of experienced security specialists, who, following thorough investigation, determined than an unauthorized third party had gained access to certain systems operated by us during a limited period of time earlier the same month.”
FatFace added that it details of its staff and former staff which were potentially accessed “cannot be misused for fraudulent transactions, so you don’t need to cancel your payment card on this basis.”
Affected customers and staff will also reportedly receive a complimentary 12-month membership of Experian Identity Plus paid for by FatFace.