Details will be sent to the Information Commissioner’s Office following the leak, it said.
Advertisement
The details of a few British Gas customers have appeared online, in the third problem to affect a major United Kingdom company in a week. It did however urge everyone affected to update their information on the British Gas website and to do so elsewhere if any of that information was re-used at all.
British Gas has about 14.7 million customer accounts, so the affected number represents a small fraction of its clients.
The e-mail from British Gas to customers stated: “I can assure you there has been no breach of our secure data storage systems, so none of your payment data, such as bank account or credit card details, have been at risk”.
The details were posted to the document-sharing site Pastebin before being removed.
“As you’d expect, we encrypt and store [important] information securely”, a company spokesperson said (via the BBC), in what nearly sounds like a jab at companies like Talk Talk which were recently found to not be encrypting the most sensitive data.
It also said no payment data had been compromised.
She added: “Criminals are learning how to do things”.
Personal data of customers – including names, dates of birth, contacts and details of previous orders – were exposed to strangers on the website.
However, it is not thought at this time that the bank account and card details were revealed.
Advertisement
It follows the data breach at TalkTalk last week. A joint operation between the Met’s cyber crime unit, the PSNI’s cyber crime centre and the National Crime Agency is continuing to probe the incident.
