Vue Cinemas informs customers about data breach of bank account numbers this summer
Vue Cinemas has informed customers about the data breach from earlier this year, which included access to bank account details, encrypted passwords and email addresses. Although several unauthorized persons had access, no data was actually stolen.
In the mail the cinema chain reports that research by forensic experts has shown that ‘unauthorized persons’ other than the ‘ethical hacker’ who disclosed the data breach had access to the database. According to the researchers, only the hacker in question downloaded a small amount of personal data to demonstrate this to the reporting journalist from RTL News. The two people involved have stated in writing that the copies of this data have been permanently deleted. Furthermore, no other parties would have downloaded data. This would result in a very low level of risk in terms of possible adverse consequences for those affected.
The data breach was revealed at the end of August this year based on the experiences of a hacker. An error in Vue’s website would have made it possible to view the source code of the website, including various user data. In addition to customers’ names, email addresses and dates of birth, hashed passwords and bank account numbers were also visible. In the meantime, Vue says it has fixed the vulnerabilities and the company has had an audit carried out, after which further security improvements have been implemented.