Payday Loans Online Data Breach: Personal Information From 250,000 People Stolen From Company

Short-term lender Wonga has informed its customers that personal information from a quarter of a million accounts has been stolen in a data breach.

The attackers managed to collect 245,000 user accounts from Wonga customers in the United Kingdom and another 25,000 from users in Poland.

The stolen customer information includes names, email addresses, residential addresses, phone numbers, bank account numbers and the last four digits of a user’s credit card. Wonga has described the breach as having compromised “limited personal data.”

Read: Major Security Breach: More Than One Billion Emails Exposed By Spammers, Researchers Say

While none of the information may lead to a direct fraud committed against any of the users, it is still shocking to have a dataset about one’s life exposed in such a way, especially when the information was trusted to a business that failed to protect it.

However, the information can be cross-referenced with the number of previous database breaches that have occurred in recent years that often include passwords and logins. For those who may use the same password across multiple accounts, breaches like these can become exponentially more compromising.

Wonga first became aware of the possibility of a potential data breach as early as last Tuesday, according to a report from the Telegraph, but the company was unable to confirm the attack until Friday. On Saturday, it began alerting users their information had been compromised.

Wonga holds that user accounts are secure and no additional information needs to be taken. For the time being, the payday loan company has informed customers that their accounts with Wonga require no additional action to secure.

The company also has taken to informing financial institutions about the breach in order to protect against any attempted fraud with the limited credit card information that was compromised. Wonga advised users to contact their banks and to personally watch for any suspicious activity on their account.

Read: McDonald's Hacked: 100,000 Job Applications Stolen From McDonald's Canada Site

The Information Commissioner's Office in the United Kingdom responded to the breach, stating, “All organizations have a responsibility to keep customers' personal information secure. Where we find this has not happened, we can investigate and may take enforcement action."