INSUBCONTINENT EXCLUSIVE:
The personal details, including credit card numbers, expiration dates and CVV codes, of thousands of Vision Direct customers have been
exposed following a hack against Europe's largest online seller of contact lenses and eye care products.The online retailer noted that
anyone who entered their details into its site between 3 and 8 November could be affected with 16,300 customers identified as being at
risk.Vision Direct revealed that a fake Google Analytics script hidden within its sites' code was the cause of the hack and that its UK site
was involved as well as local versions for Ireland, the Netherlands, France, Spain, Italy and Belgium.A company spokesperson told the BBC
that 6,600 customers were believed to have had their financial data compromised while 9,700 people had just their personal data
exposed.Shoplift malwareVision Direct's spokesperson provided further details on the cause of the breach to the BBC, saying:"This particular
breach is known as Shoplift and was already known to our technology team, who installed a patch provided by our web platform provider to
prevent this form of malware
Unfortunately, this current incident appears to be a derivative against which the patch proved ineffective
We are continuing to investigate the breach and have made numerous steps to ensure this does not happen again."After news of the attack
spread, Vision Direct apologised to those who were affected by the hack in a statement on its site in which it urged anyone who updated
their details between 3 and 8 November to contact their banks and or credit card providers, saying:"The personal information was compromised
when it was being entered into the site and includes full name, billing address, email address, password, telephone number and payment card
information, including card number, expiry date and CVV
We understand that this incident will cause concern and inconvenience to our customers
We are contacting all affected customers to apologise."The company also noted that those who used PayPal during the period might have had
their personal details exposed but their payment details should be safe.Via the BBC
