Vision Direct has apologized after customers' personal and financial details were found to have been leaked.
According to a statement, the data was compromised between November 3 and 4 2018 “when entering data on the website and not from the Vision Direct database” and included full names, billing addresses, email addresses, passwords and telephone numbers. Payment card information, including card number, expiry date and CVV, was also compromised. However, PayPal users are unaffected, Vision Direct confirmed.
“As the information was compromised as it was being entered into the site, any existing personal data that was previously stored in our database was not affected by the breach,” it said. “All payment card data is stored with our payment providers and so stored payment card information was not affected by the breach.”
Anyone who visited the website and did not enter details should not be affected, it confirmed.
“We understand that this incident will cause concern and inconvenience to our customers,” Essential Retail reported. “We are contacting all affected customers to apologize and continue to inform you of any updates in the next few days.”