Criminals threaten Superdrug over 20,000 customer account details

Superdrug have advised 20,000 customers to change their passwords after blackmail attempt

Criminals recently attempted to blackmail Superdrug after claiming they had access to 20,000 customer accounts. The criminals threatened to sell customer data on the dark web unless a ransom was paid, so far it is believed the data included email addresses, passwords and in some cases DOBs. Superdrug chief executive Peter McNab reassured customers that no payment information was stolen.

Superdrug have said that although the criminals claim to have 20,000 account details they only have evidence of 380 accounts being compromised. They have also said that there is no evidence of a Superdrug breach and believe that the criminals have obtained the credentials from other websites.

In effort to prevent any more accounts being compromised, Superdrug have emailed customers advising them to change their passwords as a precaution. Customers however have been displeased over the response, asking why Superdrug have not apologised to them over the potential breach of their accounts.

This case brings into perspective the importance of creating new passwords for as many online accounts as possible. When criminals obtain account credentials they will attempt to use the same account credentials for as many sites as possible to try and gain more data. They know that many consumers use the same credentials repeatedly to make their lives easier, but what you?re also doing is making a hacker?s life easier.

Having different passwords for all your accounts doesn?t have to be as much of a nightmare as it sounds. There are free tools online that allow you to safely store all your account credentials, tools like; LastPass, KeePass and Dashlane can make account safety easy.

It is also very important to create strong passwords, see how long it would take a computer to crack your password using https://howsecureismypassword.net/

*The external websites linked in this blog are not provided by Hallidays IT and we are not responsible for the content on them. The use of any software or links from this website are done so at your own risk, Hallidays cannot be held responsible or liable for any damages and/or losses that may result by following them. At the time of writing this blog the links were checked and working correctly and pose no threat.