Statement regarding the digitec leak
Update from 5 December 2017:
This leak is not connected to the incident MELANI published today, which reports on 70,000 stolen datasets. We have access to this list and are comparing it with our customer data. If there are any matches, we will reset the corresponding account passwords.
We're still investigating the case described below. So far, 50 affected customers have contacted us – considering the media echo, this is a small number. In addition, the cases are not consistent, suggesting the data might have originated from various sources. For this reason, we’re also examining the possibility that the leak was not within digitec, but within one or several other companies.
We have reason to believe that scammers have gained possession of some of our customers’ contact data.
Important: we’re certain that no credit card information was stolen, and we assume that no login passwords were leaked, either. The potentially affected customer data includes name, gender, phone number, postal address and e-mail address.
Credit card information has never been stored in our system. This sensitive data is with SIX (Saferpay) and Datatrans. In addition, we don’t save login passwords as plain text.
We assume that the scammers accessed individual customer accounts via our old digitec shop. According to our current state of knowledge, the potentially affected customer data is from between 2001 and no later than mid-2014. The presumed security gap has been closed. Based on our research, neither the new digitec shop nor Galaxus are affected.
We were informed about this fraudulent activity by affected customers. We’re also in close contact with the Reporting and Analysis Centre for Information Assurance (MELANI) of the Swiss Confederation. Based on MELANI’s current notifications, we assume that only a limited number of customers are affected and have already informed those customers whose contact data we know was stolen.
We apologise to all affected customers for the inconvenience caused. To our knowledge, the stolen contact data is used for phishing e-mails. Links and attachments in e-mails from dubious senders should never be opened. We kindly ask our customers to forward suspicious e-mails to email@example.com if they contain information that might have been taken from digitec. This will help us with our further investigations.
In recent years, we’ve massively increased our investment in security and will have to keep doing so. We expect more and more cybercrime to take place in the future and, unfortunately, no company can completely eliminate the risk of being affected, not even with the greatest effort.
According to our current state of knowledge, this incident is not related to the phishing activity from August and September, which saw data stolen from somewhere else and used to access our customer accounts.
We’ve set up a hotline especially for customers who are concerned or have questions. Please contact us on 044 575 96 20 or by e-mail at firstname.lastname@example.org.
We’ll update this article as soon as we have more information.