Hundreds of bank details may have been stolen after hackers target New Forest leisure centre system

HUNDREDS of sports centre users may have had their bank details stolen by computer hackers.

More than 1,400 people who booked sessions online have been contacted by New Forest District Council following the discovery that someone has hacked into its website.

They have been warned that their names, telephone numbers and e-mail addresses could have been accessed.

Potential victims of the security breach include 240 people who also paid online and have been told that their credit and debit card details may have fallen into the wrong hands.

The council’s chief executive, Dave Yates, is urging them to monitor their bank accounts and look out for any signs of suspicious activity.

Police have launched an investigation into what the authority is describing as a “malicious attack” on its computer system.

A council spokesman said the website was shut down as soon as the unauthorised access was detected.

She added: “All the people we’ve contacted could potentially have been affected. There is no evidence to suggest that the intruder has accessed customers’ personal data but there is a possibility that this could have happened.

“For 240 customers only there is a remote possibility of their credit/debit card details being accessed.”

Council bosses have alerted a total of 1,434 sports centre users.

The figure is based on the number of people who have used its new online booking system, which was introduced earlier this year for badminton players and customers wanting to take part in group exercise sessions.

Action is now being taken to prevent it happening again.

The Tory-controlled council operates five health and leisure centres at Applemore, Lymington, New Milton, Ringwood and Totton.

Its website is now back up and running, having been shut down for several days.

But members of the Liberal Democrat opposition group are demanding answers.

Cllr David Harrison said: “We will be asking some searching questions as to how website security appears to have been breached.”

* Part of Mr Yates’ letter to potential victims says: “We are writing to inform you that our web security team detected a malicious attack on our website.

“We have established that unauthorised access was gained to the health and leisure online book and pay system.

“There is a remote possibility that, as a user of the online booking system, your personal data may have been viewed by the intruder. However, from our investigation there is no evidence that this has taken place.

“If you have any concerns about your credit/debit card account, you should contact your bank or card provider.

“Additionally, as a precaution, you should review your bank and credit card statements regularly to look for unusual or suspicious activity.”

Comments (2)

Please log in to enable comment sorting

4:40pm Wed 22 May 13

uberbloke says...

“For 240 customers only there is a remote possibility of their credit/debit card details being accessed.”

Really... 'cos if that is the case then they'd better hope their PCI compliance is bullet proof or someone somewhere is going to be in a world of hurt...

"Amongst its powers, the ICO can prosecute and issue fines of up to £500,000 and undertake proceedings that can lead to prison sentences."

http://www.itgoverna
nce.co.uk/dpa-penalt
ies.aspx
“For 240 customers only there is a remote possibility of their credit/debit card details being accessed.” Really... 'cos if that is the case then they'd better hope their PCI compliance is bullet proof or someone somewhere is going to be in a world of hurt... "Amongst its powers, the ICO can prosecute and issue fines of up to £500,000 and undertake proceedings that can lead to prison sentences." http://www.itgoverna nce.co.uk/dpa-penalt ies.aspx uberbloke
  • Score: 0

7:30pm Wed 22 May 13

Tripod says...

Yet another organisation that thinks it's acceptable to store other peoples personal data un-encrypted!
Yet another organisation that thinks it's acceptable to store other peoples personal data un-encrypted! Tripod
  • Score: 0

Comments are closed on this article.

click2find

About cookies

We want you to enjoy your visit to our website. That's why we use cookies to enhance your experience. By staying on our website you agree to our use of cookies. Find out more about the cookies we use.

I agree