Customer details in town skip
Hundreds of customers’ data at risk
A probe has been launched after confidential details of up to 200 customers of Bathstore Ayr were found in a skip.
And there are now fears that the details of thousands of customers who bought products from the now defunct bathroom retailer may be compromised.
The details found in a skip included:
● Names and addresses of customers
● Credit card/ debit card details
● Mobile phone numbers
● Cash transactions
● Finance agreements The data breach affects customers in areas including Ayr, Prestwick, Troon, Dunure, Maybole, Dalmellington, Kilmarnock, Kilwinning, Coylton, Stevenson, Mauchline and Cumnock.
Ryan Grant, one of the joint administrators and BDO partner, said: “Bathstore’s investigation has shown that only a small number of customers are potentially at risk and they have been contacted, consistent with the approach notified to the ICO.”
Confidential details of up to 200 customers of Bathstore Ayr were found in a skip.
And there are now fears that the details of thousands of customers who bought products from the now defunct bathroom retailer year may be compromised.
The details found in a skip include:
• names and addresses of customers
• credit card/ debit card details
• mobile telephone numbers
• cash transactions
• finance agreements.
The find leaves at least 200 customers absolutely wide open to a variety of potential problems including card fraud or identity theft.
Some of the paperwork includes delivery details and information about when customers’ properties were vacant.
The data breach affects customers in a variety of areas including Ayr, Prestwick, Troon, Dunure, Maybole, Dalmellington, Kilmarnock, Kilwinning, Coylton, Stevenson, Mauchline and Cumnock.
Bathstore Ayr, which operated out of premises on Prestwick Road, went into administration in June. It was part of a chain of 160 stores nationwide.
It is feared that the data breach, which involved customers in March, is just the tip of the iceberg.
The confidential info was discovered and handed in to The Post by a concerned member of the public.
He asked to remain anonymous but he expressed fears that even more customer files were tipped and potentially fallen into the wrong hands.
Since the The General Data Protection Regulation ( GDPR) and the Data Protection Act 2018 came into force last year UK firms have been compelled to tighten up on how they store and process data they hold. This week’s revelation flies in the face of the law.
BDO partner Ryan Grant, one of the joint administrators, said: “This is an isolated incident at Bathstore’s Ayr branch and a thorough investigation is now being conducted.
“The company, via its joint administrators, has taken possession of the file in question. The Information Commissioners’ Office has been notified of both the circumstances of this matter and the proposed approach which Bathstore has adopted.
“Bathstore’s investigation has shown that only a small number of customers are potentially at risk and they have been contacted, consistent with the approach notified to the ICO.
“Should anyone who provided data or information to Bathstore have any concerns, they should not hesitate to contact BSCOM@bdo.co.uk.”
A thorough investigation is now being conducted