European Data Protection Digest

Online Retailer Breached Via Third Party

DATA LOSS—UK

March 25, 2011

An online retailer has alerted its customers of a data breach that exposed names and e-mail addresses, ZDNet reports. The breach occurred after a third-party marketing company affiliated with Jersey-based Play.com experienced a breach. The Jersey Office of the Data Protection Commissioner (ODPC) is now investigating the breach. "It seems there is cause for concern," said Paul Vane of the ODPC earlier this week. "We will be establishing from Play.com what has happened and how we can deal with it." Vane added that despite the fact that the breach occurred at a third party, Play.com is ultimately responsible for customer data, and enforcement action is possible. Play.com CEO John Perkins has said the compromised information includes only customer names and e-mail addresses.
Full Story