Skip to content
Subscriber Only

Now, Your Reward for Being a Loyal Customer: Identity Theft

They signed up to receive discounts on vacation travel and other perks. Instead, more than 1.5 million Europeans who had enrolled in customer-loyalty programs learned this week that their personal data, including credit-card details in some instances, had been stolen in a cyber attack on an Irish company they’d never heard of.

Loyaltybuild, a firm in County Clare, Ireland, that manages loyalty programs for merchants in five European countries, acknowledged on Nov. 11 that hackers had stolen data on people who redeemed awards through websites it runs. In about 500,000 cases, the data included credit card numbers and security codes that were stored without encryption.