provide details of customer security breach

23 March 2011

Yesterday retailer announced something had went a little kaka with regards to their customer's personal information - a third party marketing company had lost some, all or none of it.

Play emailed customers to warn them of the security breach but it was vague on the specifics. Clearly Bitterwallet wasn't the only organisation to chase Play and ask the pesky questions customers wanted answers to - exactly who had made the bungle and how much personal data, if any, had been lost. Late last night, Play emailed customers again with an update:

On Sunday the 20th of March some customers reported receiving a spam email to email addresses they only use for We reacted immediately by informing all our customers of this potential security breach in order for them to take the necessary precautionary steps.

We believe this issue may be related to some irregular activity that was identified in December 2010 at our email service provider, Silverpop. Investigations at the time showed no evidence that any of our customer email addresses had been downloaded. We would like to assure all our customers that the only information communicated to our email service provider was email addresses. have taken all the necessary steps with Silverpop to ensure a security breach of this nature does not happen again.

We would also like to reassure our customers that all other personal information (i.e. credit cards, addresses, passwords, etc.) are kept in the very secure environment. has one of the most stringent internal standards of e-commerce security in the industry. This is audited and tested several times a year by leading internet security companies to ensure this high level of security is maintained.

It's certainly not unusual for larger companies to outsource their marketing to smaller specialist agencies, but as Bitterwallet reader Andrew pointed out yesterday, other customer databases may have been compromised during the same breach.

Also, we've met Silverpop before - they're the people behind MyVoucherCodes' irresisitable email marketing that is (or at least, was) impossible to unsubscribe from.

Expect a little more spam in your box from now on.

TOPICS:   Privacy   High Street News


  • Timbo
    My wife got the email too; now this morning received this email: From: United Parcel Service Date: 22 March 2011 23:17 Subject: United Parcel Service notification To: [email protected] Dear customer. The parcel was sent your home address. And it will arrive within 7 business day. More information and the tracking number are attached in document below. Thank you. © 1994-2011 United Parcel Service of America, Inc. UPSnotify.rar 6K Download Bet that rar file is dodgy! At least she had the sense to ignore it!
  • yak
    timbo… snap binned it, did a little search and its a common scam apparently
  • clever c.
    @timbo, how did your wife get such a cryptic email address? maybe she ordered pornos
  • klingelton are on my "never again" list after the whole wrath of the lich king debarcle. Never shopped wiht them since. They're scum.
  • TripAdvisor B.
    [...] day, another massive security breach by a large online organisation. Yesterday it was and today it’s travel review behemoth TripAdvisor. They’ve told their registered members that a [...]

What do you think?

Your comment