Hackers are Trying to Hold Superdrug to Ransom

By Tom Pritchard on at

Another day, another set of hackers who say they've managed to access personal details and want money in exchange for their good behaviour. This time it's happened to Superdrug, with hackers trying some old-fashioned extortion by claiming they have details of 20,000 customers.

According to Superdrug the hackers handed over some personal information to prove they weren't making it up, which Superdrug then verified against customer login information. While it's only seem evidence that 386 customers have had their data compromised, the high-street chain is encouraging people to change their passwords as soon as possible. It also confirmed that hackers managed to obtain names, addresses, and "in some cases" cases of birth and phone numbers, but not financial details.

Despite this, Superdrug says that there's no evidence that its system had been compromised, and suspects that hackers were able to obtain credentials from other websites and used them to access Superdrug accounts. This is why you don't use the same password for everything, folks.

Superdrug says it's directly contacted customers it believes have been affected, tweeting out a confirmation that the email was genuine. That same email confirms that the company has been in touch with both the police and Action Fraud, with the intention of offering any and all information they need to investigate the matter. [BBC News]

Image: Ewan Munro/Flickr