Previously, a number of Chain Reaction customers, including myself, had reported unauthorised transactions appearing on their credit cards after placing orders with the online retailer. Working with independent experts, the company has now found and permanently closed the security hole.
They have this to say:
The independent forensic investigation has shown that our infrastructure was the target of a sophisticated attack which resulted in the theft of card details relating to a number of our customers. Details were being stolen ‘real time’ and only a small proportion of recent CRC customers were affected.
The access point of the theft has been identified and permanently closed off so we are confident that we have fully addressed any weakness in our infrastructure.
Good news, and back to business as usual.
There is further reporting on this issue on The Register.
