70,000 customers at risk from 'sophisticated criminal attack'

Supervalu customers who took advantage of a holiday offer are at risk

Up to 70,000 people in Ireland who took advantage of a customer loyalty offer could have been victims of a "sophisticated criminal attack".

The company, Loyaltybuild, said it had suffered a security data breach.
Supermarket chain Supervalu has asked 62,500 people involved in its Getaway Breaks scheme to contact their banks - 6,800 of those are in Northern Ireland.
AXA Ireland has said up to 8,000 of its customers may have been affected.
Loyaltybuild has advised the Data Protection Commissioner of Ireland and the police.
In a statement on its website, it added: "As part of our ongoing investigation, into a system breach identified last month, Loyaltybuild has discovered that it has been the victim of a sophisticated criminal attack.
"We are working around the clock with our security experts to get to the bottom of this and to further enhance our security in order to protect our valued customers, who are of paramount importance to us."

Continue reading the main story

“Start Quote

We are working around the clock with our security experts to get to the bottom of this”

End Quote Loyaltybuild statement

Customers are advised to check their payment cards for suspicious activity.

The breach was discovered on 25 October and a third party firm has been running forensic tests.
Supervalu said the incident was more extensive than initially thought. Customers who made Getaway Break bookings between January 2011 and February 2012 have been advised to contact their financial institutions.
Customers are also being warned to treat any unsolicited communication claiming to represent Supervalu Getaway Breaks or Loyaltybuild with "extreme caution".
Supervalu said it was continuing to work with Loyaltybuild to resolve the issue as quickly as possible but had also engaged its own IT security consultants to investigate the Loyaltybuild system.
It also emphasised that the breach of security was in data collected and held by Loyaltybuild on Getaway Breaks customers only and did not involve other customers of Supervalu.
AXA Ireland confirmed its customers' data may also have been compromised by the Loyaltybuild breach. Up to 8,000 customers may have been affected.
In a statement, the company said: "Loyaltybuild's forensic team has now advised that there is a high risk that an unauthorised third party accessed details of payment cards used to pay for AXA Leisure Breaks between January 2011 and February 2012.
"This investigation is still ongoing in relation to whether other personal data of customers has been compromised," it added.
AXA said all other customer transactions by payment card were unaffected.