Vision Direct, a UK based online optical lenses retailer has confirmed that a cyber attack on its database has leaked out personal data of its valuable customers. Sources say that the leaked info includes full name, billing address, email address, password, telephone number, and payment card info- including CVV number & expiry date.
Cybersecurity Insiders has learned that the users who put details onto the site between 3rd and 8th November could be at critical risk- approx 16,000 individuals.
Prima Facie launched by the firm says that a fake Google Analytics script leaked info to hackers.
Technically speaking such fake scripts are known as ‘Shoplift’ and it’s the web admins duty to patch their databases with the updated security software in a proactive way.
Vision Direct’s IT staff report that they have taken all the measures to block such leaks. But the recent incident emerged as a directive against which the patch proved futile.
Since users who used PayPal to pay for services did not have the payment details stored on the servers; they are termed to be safe from the hack.
However, as a precautionary measure, the contact lenses and eye care solutions provider is urging all its customers to change their login passwords. At the same time, the Camden, London based firm is asking the users to contact their credit card providers or banks if in case they suspect that they have been affected by the hack.