Play.com, one of the largest online retailers of DVDs, CDs, MP3s, books and gadgets, has released a statement to customers notifying them that some customer names and email addresses may have been compromised in a security breach. The company has assured customers that no credit card details have been jeopardised in the breach, however the letter to customers warned recipients to be wary of future correspondence from Play.com and has asked people not to click on any links or give out sensitive information such as bank account details or passwords over email.
“While it is a good thing that Play.com issued a statement to let customers know about the security breach, it does not offer any information about what people should do if they notice any unusual activity on their Play.com account,” said Mark Harris, VP of SophosLabs. “The full extent as to what information has been leaked is not clear, but any security breach involving the loss of customer information is extremely serious – even though Play.com has stated that the breach occurred with a third party, they are ultimately responsible for the security of their customer’s data. Play.com customers should exercise additional caution when accessing their emails, even if they appear to come from trustworthy sources. Sophos advises users of Play.com to err on the safe side and change their passwords on Play.com.”