| 7.3°C Dublin

43,000 may have had their cards hacked

UP to 43,000 customers who booked getaway breaks could be affected by a security breach at a company that operates a loyalty scheme on behalf of major retailers.

Credit and debit card details belonging to customers of SuperValu, Axa and Stena Line may have been compromised following a cyber-attack at a Co Clare firm.

Loyaltybuild, based in Ennis, operates loyalty schemes on behalf of the three firms and said customers who booked breaks in the past 90 days may be affected.

However, it stressed that CVV (Card Verification Value) numbers generally needed to complete online transactions were not stored.

Some 39,000 SuperValu customers from the Republic and the North booked breaks, 50 with Stena Line and 4,368 with insurance giant Axa.

Some 102,000 customers in Norway and Sweden may also be affected.

Suspicions of a possible breach emerged on October 25, and a team of investigators was appointed to determine what had happened.

On October 30, it emerged that a breach may have occurred and the firm contacted the Data Protection Commissioner (DPC) two days later.

"Loyaltybuild's notification was precautionary as Loyaltybuild had no, and indeed still has no, evidence to show that personal data has been compromised," it said.



A DPC spokesman said its systems were encrypted, and it was not clear how much information had been taken.

"The systems were encrypted, including credit card and contact numbers. They (LoyaltyBuild) took the step of notifying individuals just in case," the spokesman said.

"The main thing is that people should monitor credit card use on their accounts or take measures to alter their details like PINs, or seek advice from their credit card provider.

"The company may have taken measures to seek advice from credit card advisors to flag certain accounts.

"It's a priority for them to get to the bottom of finding out the extent to which any information has been compromised."

Loyaltybuild manages and operates AXA Leisure Breaks on behalf of AXA Ireland, which gives customers a special rate on hotel and self-catering breaks.

The spokesman said: "Loyaltybuild maintain as little personal information as possible. Credit card numbers are encrypted and they do not store CVV numbers."

He said the issue was only related to AXA Leisure Breaks, and not other websites operated by the company.

Stena Line said it has worked on a "small-scale, tactical hotel promotion" with Loyaltybuild.

Customers can call it on 01-204 7777. Helplines are also in place at Axa (0818 300 189) and Super Valu (0818 220 088).