(Reuters) – British pharmacy Superdrug said late on Tuesday that there had been a “possible disclosure” of personal information of some of their Superdrug.com customers, which could include names, addresses, dates of birth and telephone numbers.
Superdrug said in a statement on Twitter that customers’ payment care information had not been compromised. It did not specify how many customers were affected.
Superdrug did not respond to a request outside regular business hours for comment and additional information.
“The hacker shared a number of details with us to try and ‘prove’ he had customer information – we were then able to verify they were Superdrug customers from their email and log-in,” a Superdrug spokeswoman was quoted as saying in a report by the Independent.
Earlier, the BBC reported that the hacker or hackers had attempted to extort a ransom from the company.
Superdrug said in the statement that it had advised its customers to change their online passwords and that it had contacted the police and Action Fraud, the UK’s national cyber crime reporting center.
Reporting by Kanishka Singh in Bengaluru