IKEA has revealed it has contacted Canada’s privacy watchdog following a data breach involving the personal information of an estimated 95,000 customers.
In a statement, the furniture retailer said that some of its customers’ personal information appeared in the results of a “generic search” performed by a co-worker at IKEA Canada between 1-3 March this year, using IKEA’s customer database.
IKEA revealed that no financial or banking information was involved in the breach. It has told customers that while their personal information was made public, no banking or credit details were hacked.
“At IKEA the security of our customers’ private information is of utmost importance and we have proactively notified the Office of the Privacy Commissioner of Canada about this incident, as well as any applicable customers. We have also reviewed and updated internal processes to prevent such incidents in the future,” the statement read. “No action is required by our customers.”
“While we can’t speculate as to why the search was made, we can share that we have taken actions to remedy this situation,” Ikea Canada PR leader Kristin Newbigging said. “We have also reviewed our internal processes and reminded our co-workers of their obligation to protect customer information.”
In a letter sent to affected customers, IKEA Canada said that compromised data included customer names, email addresses, phone numbers and postal codes. It also said that IKEA Family loyalty program numbers belonging to customers may have also been visible.
There is no mention of data breach IKEA Canada’s website but this latest breach includes customers to its store signed to its loyalty scheme who may never have used its website.
IKEA Canada has submitted a breach report to the Office of the Privacy Commissioner of Canada (OPC).
Return to the NEWS index for Security Journal Americas
Related stories on our sister title International Security Journal