FatFace Was Hacked and It Delayed Notice Distribution for Two Months

  • UK retailer FatFace has had a data breach incident that was kept a secret for over two months.
  • The customers were eventually informed about it but asked to keep it confidential.
  • The backlash has sent a clear message that data breaches cannot be kept under the rug.

FatFace, a British clothing and fashion accessories retailer, has suffered a pretty severe data breach incident which it chose to keep secret for two full months. When the relevant notifications finally reached the compromised customers, the company surprised them even more by asking them to keep the information confidential, essentially shifting responsibility to them. That wasn’t exactly welcomed by the retail chain customers, who went onto social media and shamed the firm for its approach in handling this.


The details that have been compromised include the following:

  • First name and surname
  • Email address
  • Address details
  • Partial payment card information - last 4 digits and expiry date

The event took place on January 17, 2021, so more than two months have passed since then. While partial payment card information isn’t enough to perform purchases, many of the FatFace customers report that they have been receiving weird phishing messages lately. The firm says that the threat was identified and mitigated immediately, the ICO has already been informed, and that its website remains fully operational and totally safe to use.

Today, the FatFace staff got informed about the breach, and for them, the situation is a tad bit worse. According to a leaked internal memo that Forbes obtained, the company informed its employees that their bank details, including sort codes and account numbers, have been compromised. In addition to this, the infiltrators could have stolen the staff’s National Insurance numbers, home addresses, phone numbers, and partial payment card information.

In both cases, FatFace is planning to offer a 12-month membership on Experian Identity Plus, helping staff and customers stay protected against identity theft or banking fraud attempts. In any case, if you see any signs of trouble, make sure to report them to your bank immediately before things get out of control.

Indeed, FatFace hasn’t handled this incident properly, endangered its customers for over two months, and ultimately had the audacity to ask them to keep the breach a secret. This is not how things work today, and the backlash they got from following this approach should be a lesson to everyone. Cyber-attacks happen, firms are constantly bombarded by malicious actors, so if something bad occurs, you’d better take responsibility and inform everyone immediately.



How to Watch Boston Red Sox Games Online Without Cable

The Boston Red Sox are one of the most famous and popular professional sporting franchises, not just in the United States but...

Wimbledon 2022 Live Stream: How to Watch Tennis Online From Anywhere

This week, the top tennis players are preparing to participate in one of the most prestigious tennis tournaments in the world –...

How to Watch Westworld Season 4 Online From Anywhere

The fourth season of your favorite science fiction dystopian TV series is set to premiere soon, and we know you want to...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari