The website has sent a mass e-mail to all of its customers stating that their credit card details have not been compromised. It seems that e-mail information leaked from a company involved with keeping the marketing records at Play.com. Silverpop, the ‘liaison’ company, appears to have taken all the blame for the website’s lack of a good inside customer privacy protocol.
The e-mail they’ve sent to their customers reveals that only a small part of all customer e-mails have been compromised. It took a number of complaints in order to get a resolution moving, and the website to confirm that only spamming was the culprit of those complaints and no furthermore leakage. Personal information such as debit card numbers or passwords were not accessed, and Play.com, which is a serious player in online retailing alongside Amazon, did actually warn its customers about a possible threat coming from spam e-mails. This type of e-mail takes the identity of play.com and falsely encourages the customers to input their details for miscellaneous offers, subscriptions or account verifications.
The website told its customers: ‘We will never ask you for information such as passwords, bank account details, or credit card numbers. If you receive anything suspicious in your email, please do not click on any links and forward the email on to firstname.lastname@example.org for us to investigate.’ The internet term that best describes the spam e-mails received by the customers is called ‘phishing’. Delicate information such as ID numbers and passwords represent the main target of ‘phising’; this violation of private information can’t be combated in any other manner but by increasing awareness with the help of press conferences or communicates.
The SEO of Play.com also said: ‘We would like to assure all our customers that the only information communicated to Silverpop were email addresses. Silverpop and Play.com have taken all the necessary steps to ensure a security breach of this nature does not happen again.’
The Guardian received information about the spam e-mails from one of Play.com’s customers, Luke Taylor, who said: ‘They said that they had already heard of this and anyone who contacted them would have their information passed to the IT department who were investigating, and would be contacted in due course. They repeated this statement ad nauseam when I inquired why I hadn’t been proactively contacted since they store sensitive data including credit card numbers. They wouldn’t let me speak to anyone else.’
Third-party companies like Silverpop proved to be ‘sick child’ of the ‘family’. Play.com managed to send the blame on their servers and refrain from making other comments for the publications.