Fastway Couriers has confirmed that one of its IT systems was subject to a cyber-attack on February 25th, which has comprised customers’ personal information.
The cyber-attack was identified by a third-party IT development contractor on February 25th and was fully mitigated by 9am on February 26th. The contractor then advised Fastway of the breach on March 2nd.
A statement on the company’s website confirmed the breach which relates to the contact details of 446,143 parcel receivers from Fastway clients. The data compromised relates to Fastway deliveries over a period of approximately 30 days from mid-January onwards. On learning of the cyber breach, Fastway advised the Data Protection Commission and the Gardai. Fastway has made the requisite data breach submission to the Data Protection Commission.
An email seen by Digital DNA confirms the breach to individuals affected, advising anyone concerned to contact Fastway directly. The email also confirmed no financial data was exposed and only data used for the purposes of delivery (name, address, email and/or phone). It concluded by urging people to “exercise extra vigilance in relation to any unsolicited communications which may purport to be from Fastway or from Sports Direct.”
In a statement on the breach, Fastway’s CEO Danny Highes said it was distressing that the company’s system had been compromised by a malicious hack. “I deeply regret that people’s personal data has been compromised and I apologise to our clients and their customers.”
“I want to stress that nobody’s financial data was at risk and the issue is limited to delivery information only. We will continue to work closely with the DPC, the Gardai and our clients to manage this situation in line with best practice.”
Fastway has confirmed that it has engaged an IT consultancy to conduct an incident response and independent review of the cyber-attack.
The latest updates from Digital DNA
Early access to our events
+ lots more every 1-2 weeks