security breach leads to rise in spam

A number of customers have received spam, following the website’s credit card security breach, suggesting that someone is using their compromised customer data.

On the forum, several users complained that the email address they use for, was receiving spam. One user said, “I received two this morning. One sent to my play@ [my domain] and the other to play247@ [my domain] which is clearly an address I’ve held for many years as I forgot I even had it or that Play even had a different name back in the day! So the addresses they’ve got must be going back years. And some people wonder why every company I give my details to I use their name @ [my domain].. Caught plenty of them this way.”

On his countermeasures blog, Rik Ferguson, director of security research and communications at Trend Micro, urged customers to complain to the Information Commisioner’s Office. Under the Data Protection Act 1998, companies that collect personal data have an obligation to keep the data secure.

“If you have received one of these notification emails and have any concerns, you can make a direct complaint to the Information Commissioner’s Office,” Ferguson said.

“While it is a good thing that issued a statement to let customers know about the security breach, it does not offer any information about what people should do if they notice any unusual activity on their account,” said Mark Harris, V-P of SophosLabs.

“The full extent as to what information has been leaked is not clear, but any security breach involving the loss of customer information is extremely serious – even though has stated that the breach occurred with a third party, they are ultimately responsible for the security of their customer’s data. customers should exercise additional caution when accessing their e-mails, even if they appear to come from trustworthy sources. Sophos advises users of to err on the safe side and change their passwords on”