Major department store chain in Spain suffers theft of customers' data after security breach

Spain's El Corte Inglés department store chain has fallen victim to unauthorised access to its customers' personal data. In an email to its customers this morning, the company stated its security was breached via an external provider, accessing identification, contact details and card numbers. However, the company has assured that the data breach does not allow third parties to use clients' payment cards. Customers can continue to safely use their cards in its department stores across the country and online.

The incident was identified and immediately remedied through El Corte Inglés' detection and security protocols. In addition, the supplier has been required to implement additional measures to prevent such incidents in the future. The case has been brought to the relevant data protection authorities.

Similarly, El Corte Inglés stressed that the information that has been accessed without authorisation consists of identification and contact details, as well as card numbers for purchases only at El Corte Inglés. “In any case, this information does not allow third parties to operate or make payments with your El Corte Inglés card,” the statement clarified, so customers can continue to use their card in complete safety both in stores, on its website and in the application.

El Corte Inglés has reminded customers that it would never contact them to request passwords, security codes or personal information, either via email or phone calls.