Planet Ice, which operates 14 ice rinks across the UK, has revealed that criminal hackers broke into its systems and stole the personal information of more than 240,000 customers.
The first hint that most skating and ice hockey fans have noticed of a potential problem was when trying to book tickets online early last week, when Planet Ice’s servers reported “unscheduled server downtime. It was when I was presented with a brief message explaining that
The next day, some customers sent emails revealing that they had discovered that the “Ice Account” system had been compromised, giving unauthorized parties “external access to non-financial areas of the system.” Reported received from Planet Ice.
According to Troy Hunt’s HaveIBeenPwned project, the data of 240,488 customer accounts are currently in the hands of hackers such as:
- Date of birth, name and gender of the partying child
- email address
- IP address
- password
- telephone number
- physical address
- purchase
While it’s obviously a good thing that the payment information wasn’t accessed by hackers (thankfully it’s being handled by a third-party processor), how the above information could be misused by fraudsters. You can easily imagine there is.
For example, passwords were stored as MD5 hashes (a method considered old and outdated), so you would have to change them not only in Planet Ice, but anywhere else you might have changed your login credentials. I have. Use the same password.
In addition, scammers use personal information collected from compromised accounts to phish unsuspecting victims for more information, lure them to fake websites, or trick them into opening malicious attachments. may attempt to contact Planet Ice’s customers. .
Planet Ice said it notified the Information Commissioner’s Office (ICO) of the breach and called in external cybersecurity experts to assist with the investigation and response.
The company has warned its customers to treat any future emails they may receive regarding a security breach as “suspicious,” and if they want to review the content of the communication, they can contact their data protection officer named “Ross.” We encourage you to contact us. dataprotect@imp-uk.co.uk.
Lucky Ross.
Some Planet Ice customers turned to social media. they first heard about the security breach It wasn’t from the company itself, but from media reports or HaveIBeenPwned.
This seems a little unfair to poor old Ross, who must have spent a lot of time sending out 240,488 notification emails one by one.
