We have received information about a breach of personal data as a result of a hacker attack. The attackers gained access to files with our customers' data – the clothing chain Ochnik reported in a statement.
“On September 18, 2024, we received information about a breach of personal data protection. This occurred as a result of a hacker attack on the infrastructure of our technology partner. Unauthorized persons gained access to one of the technical accounts. By exploiting a security hole in the software used, the attackers gained access to files with our customers' data,” Ochnik informs.
As a result of a hacker attack data such as names, surnames, delivery addresses, e-mail addresses, and phone numbers were leakedThe network adds that the attackers did not gain access to passwords, transaction history or other access data.
“Immediately after detecting the incident, our partner implemented preventive measures, blocking access to the system and eliminating the source of the problem. Currently, we have not recorded any information about negative effects related to this incident, and we assess the probability of their occurrence as low,” the network added.
What could be the consequences of a data leak?
Ochnik said in a statement that after detecting the incident, the company's technology partner blocked access to the system, eliminating further data leakage. The company also notified the president of the Office for Personal Data Protection, the police, and CERT.
The chain also warned that due to compromised data, customers may face:
- attempts to send unsolicited marketing materials (so-called spam) to an email address or telephone number,
- phishing attempts, i.e. contacts from unknown companies and people trying to obtain additional data,
- attempts to complete the rest of your data through suspicious phone calls or emails.
Ochnik's recommendations after hacker attack
The company also provided a list of recommendations for securing your data after a data leak. As it points out, the first thing to do is be cautious with suspicious emails, especially those containing links or requests for additional data.
You should also avoid giving out your information via phone calls or email replies. The final step is to monitor your online accounts for unauthorized activity.
“If you notice any suspicious activity, we recommend immediately reporting the incident to the appropriate authorities (Police, Office for Personal Data Protection),” the network said.
As Ochnik adds, “if you have any questions regarding this incident or need further clarification, please contact the Personal Data Protection Inspector, Małgorzata Rzeszotarska, at the following email address: rezerwochronydanych@ochnik.com.”
Main image source: OleksSH / Shutterstock