Online retailer says addresses were stolen from third party email marketing firm.
Play.com has further detailed the security breaches which have seen customers’ email addresses stolen from a third party email marketing firm in the United States.
In an email sent to users, the CEO of Play.com, John Perkins, said, “On Sunday the 20th of March some customers reported receiving a spam email to email addresses they only use for Play.com. We reacted immediately by informing all our customers of this potential security breach in order for them to take the necessary precautionary steps.”
Perkins said the breaches may be related to “irregular activity” identified by its US email service provider, Silverpop. He added, “Investigations at the time showed no evidence that any of our customer email addresses had been downloaded. We would like to assure all our customers that the only information communicated to our email service provider was email addresses. Play.com have taken all the necessary steps with Silverpop to ensure a security breach of this nature does not happen again.
While Play.com says no credit card or other personal details have been stolen, the site has been criticised over the fact customers cannot manually remove such information.
It’s believed the stolen email addresses are being targeted as part of phishing scams. If you have any concerns, Play.com says you should email them directly at email@example.com