More than a million
victims of data theft

Cyber crime experts investigating an attack on Loyaltybuild, which runs rewards schemes for companies across Europe, found more than 376,000 people have had their credit card details stolen.

The details of an additional 150,000 clients were potentially compromised in an attack on its data centre in Ireland.

Ireland’s Data Protection Commissioner, Billy Hawkes, also 
revealed that the name, address, phone number and email address of 1.12 million clients were 
taken.

“The initial indications are that these breaches were an external criminal act,” the watchdog said after being called in earlier today.

Loyaltybuild said it had been the victim of a sophisticated criminal attack.

It first raised concerns about a data security breach last month and the problem was initially thought to be limited to customers in Ireland.

More than 70,000 customers of the supermarket SuperValu, including more than 6,000 in Northern Ireland, and more than 8,000 at the insurance firm Axa were hit. Stena Line customers in Northern Ireland may also be affected.

Fraud squad officers and data protection inspectors spent the day at Loyaltybuild’s headquarters and data centre in Ennis, Co Clare, after the extent of the breach emerged.

Follow-up inspections are planned and the company has been warned that customers, banks and credit card firms must be notified.

The commissioner said: “The ODPC continues to warn customers to be vigilant in relation to their accounts and to report any suspicious transactions to their card company.

Clients should also be vigilant in relation to suspicious communication of any kind which they receive.”