Kiddicare has been subject to a data breach that leaked personal details, including names, e-mail and home addresses and phone numbers of some of its customers.
A sizeable 794,000 of Kiddicare’s customers may have been affected.
The childrenswear retailer said it was informed of the data breach by customers who had received strange text messages that were not directly from Kiddicare. Following this, a security company contacted Kiddicare with further information of the breach’s source. The exposed data was from a “test” website that was created in November 2015.
While customers’ bank information was not exposed, those personal details which did get out could be abused by scammers.
The parenting specialist has been largely criticised for not posting the exact details of the breach to its customers on its website and social media channels, although some questions have been answered.
The business confirmed that it had reported itself to the UK’s Information Commissioner.
“We are very sorry for the potential stress and anxiety this incident may have caused our customers,” Kiddicare addressed customers in a statement sent to the BBC.
“We want to reassure everyone that the problem has been fixed, increased security measures have been implemented and we have a dedicated team to here to help with any further concerns.”
The UK-based retailer stressed that payment details such as credit card information had not been leaked.