The Data Protection Commisioner, Billy Hawkes, has sent inspectors to the offices of LoyaltyBuild in Ennis, Co. Clare, after it was revealed that the credit card data of 500,000 users in Ireland and elsewhere in Europe had been stolen.
Speaking on Newstalk this morning, Mr Hawkes told Pat Kenny that the criminals obtained “full credit card details”, including the the 3-digit CVV number found on the back of credit cards. Mr Hawke confirmed that this gave the perpetrators “all the information they would need to make a purchase”.
The commisioner confirmed that his office had been initially notified about the data breach last week, but that they had been informed that the CVV codes were not among the compromised data. He said that it was only yesterday that they were informed that the breach was more serious.
LoyaltyBuild was founded in Ennis in 1999, and grew rapidly on the success of the Supervalu Getaway scheme which it operated on behalf of the supermarket chain. It expanded into European markets and in 2008 was bought by the US company Affinion International. To date over 3.1 million Europeans have availed of customer rewards operated by LoyaltyBuild and in Ireland it also operates a loyalty scheme on behalf of Axa Insurance, in addition to Supervalu. Last month it reported almost €4.5m in annual profits.
It is estimated that 70,000 customers of Supervalu and AXA who booked getaway breaks between January 2011 and February 2012 are affected. Customers who availed of the scheme in that period are advised to check their credit card statements for signs of fraud and the Consumer’s Association have recommended that users cancel their cards and order new ones.