500,000 Credit Cards Compromised at Irish Firm

The Data Protection Commisioner, Billy Hawkes, has sent inspectors to the offices of LoyaltyBuild in Ennis, Co. Clare, after it was revealed that the credit card data of 500,000 users in Ireland and elsewhere in Europe had been stolen.

Speaking on Newstalk this morning, Mr Hawkes told Pat Kenny that the criminals obtained “full credit card details”, including the the 3-digit CVV number found on the back of credit cards.  Mr Hawke confirmed that this gave the perpetrators “all the information they would need to make a purchase”.

The commisioner confirmed that his office had been initially notified about the data breach last week, but that they had been informed that the CVV codes were not among the compromised data.  He said that it was only yesterday that they were informed that the breach was more serious.

LoyaltyBuild was founded in Ennis in 1999, and grew rapidly on the success of the Supervalu Getaway scheme which it operated on behalf of the supermarket chain.  It expanded into European markets and in 2008 was bought by the US company Affinion International.  To date over 3.1 million Europeans have availed of customer rewards operated by LoyaltyBuild and in Ireland it also operates a loyalty scheme on behalf of Axa Insurance, in addition to Supervalu.  Last month it reported almost €4.5m in annual profits.

It is estimated that 70,000 customers of Supervalu and AXA who booked getaway breaks between January 2011 and February 2012 are affected.  Customers who availed of the scheme in that period are advised to check their credit card statements for signs of fraud and the Consumer’s Association have recommended that users cancel their cards and order new ones.


, , , , ,


  1. Cosaint Sonraí: Na Rialacha - November 12, 2013

    […] go leor ceisteanna inniu faoin sárú slándála ag an gcomhlacht LoyaltyBuild, inar goideadh sonraí na gcártaí creidmheasa le leathmhilliún duine ar fud na hEorpa.  Tá fiosrúcháin ar bun ag na Gárdaí agus ag An Coimisinéir Cosanta Sonraí.  Níl heol […]

  2. Data Commisioner Confirms Credit Card Data Was Not Encrypted - November 12, 2013

    […] Irish Times is reporting that the Data Protection Commisioner, Billy Hawkes, has confirmed that the compromised credit card data at LoyaltyBuild had been stored in an unencrypted form – together with the 3-digit CVV number from the backs […]

  3. LoyaltyBuild: Brian Honan Explains the Security Issues [Audio] - November 13, 2013

    […] 500,000 Credit Cards Compromised at Irish Firm […]

  4. Loyaltybuild Ripples Spread - November 14, 2013

    […] 500,000 Credit Cards Compromised at Irish Firm […]

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.