DivideBuy customers should ‘remain vigilant’ following cyber attack - CEL Solicitors

Hundreds of customers have had their data breached after credit payment provider DivideBuy was targeted by cyber criminals.

The full extent of the attack is not yet known, but national law firm CEL Solicitors has already accepted over 100 cases of customers who have had their personal data exposed as a result of the attack.

Affected customers were contacted directly by the company on 3 March to notify them of the breach, which included personal data such as name, date of birth, address, phone number and email.

One DivideBuy customer, who wishes to remain anonymous, is already concerned about suspicious texts following the attack. She said: “Since being notified, I’ve already experienced a number of suspicious texts. One claimed to be from PayPal and another from Royal Mail.

“While I don’t know for sure if this was a direct result of the breach, it’s incredibly stressful to know that my personal details are in the hands of cyber criminals, and I am very worried about what other measures they may take to obtain more of my personal information.”

Some credit report information was also contained within the material accessed, but as this was not stored in a readable format DivideBuy said in their correspondence with victims that it “<em>is not likely to be able to be used by the person or persons who accessed it</em>”.

The email to customers also offers those impacted a 12 month subscription to TrueIdentity, a credit score agenda and ID theft programme. DivideBuy has encouraged customers to use the programme to track whether their personal data is being used.

Mark Montaldo, director at CEL Solicitors – which specialises in data breach – said: “We are working with a large number of customers impacted by the breach, who are quite rightly concerned about how their data might be used by these criminals.

“The fact DivideBuy is actively encouraging those affected to sign up to the programme, could indicate that some of the personal data is not encrypted, meaning it is not safeguarded against unauthorised or unlawful access, which could put them at risk.

“DivideBuy has not provided a public statement to confirm further details, but we are encouraging anyone affected to keep an eye open for any unusual activity on their bank accounts, as well as any suspicious emails or texts. The repercussions of a hack like this may not always happen straightaway, so it is extremely important to remain vigilance.”