The Irish Times is reporting that the Data Protection Commisioner, Billy Hawkes, has confirmed that the compromised credit card data at LoyaltyBuild had been stored in an unencrypted form – together with the 3-digit CVV number from the backs of the cards.
When first reporting the breach last week, the company had claimed that all financial data was encrypted, and that CVV numbers were not retained.
The Times puts the total number of people affected at about 1.5m: 400,000 whose credit cards have been “seriously compromised”; 150,000 whose cards have been “potentially compromised”; and 1.1 million whose names address and phone numbers were taken.
Related articles
[…] Honan joins Conn Ó Muíneacháin to disccuss the issues surrounding the revelation this week that the full, unencrypted credit card details of 500,000 people have been stolen from LoyaltyBuild in Co. […]