Payday loan company Wonga has confirmed that a security incident may have affected some of its customers’ personal and financial information.
The Britain-based lender says it’s currently working to notify affected customers that the incident may have compromised their names, e-mail addresses, home addresses, phone numbers, the last four digits of their payment card number, and/or their bank account number and sort codes. But at this time, the loan company has not found evidence to suggest the event exposed customers’ passwords. As Wonga explains in a statement:
“We do not believe your Wonga account password was compromised and believe your account should be secure, however if you are concerned you should change your account password. We also recommend that you look out for any unusual activity across any bank accounts and online portals. [sic]”
According to The Register, the incident is believed to have affected 270,000 customers, with 245,000 of those victims residing in the United Kingdom.
Wonga customers should reach out to their banks and ask them to look out for suspicious activity. They might also consider placing a security freeze on their credit to prevent lenders from accessing their credit report in the event a bad actor files a new credit application in their name. The payday lender says it too will be reaching out to financial institutions to alert them about the potential breach.
At this time, Wonga has yet to provide more details about how the incident may have happened. Here’s what the company has said so far:
“We take issues of customer data and security extremely seriously. Cyber attacks are, unfortunately, on the rise. While Wonga operates to the highest security standards, these illegal attacks are unfortunately increasingly sophisticated. We sincerely apologise for the inconvenience and concern this has caused.”
Let’s hope the lender provides more information soon and details how it’s working to prevent similar incidents from happening in the future.
News of this potential disclosure follows just a few days after U.S. discount brokerage firm Scottrade confirmed that a third-party data breach inadvertently exposed 20,000 of its customers’ non-public information.