El Corte Inglés, a recognized retail chain in Spain, informed its users about unauthorized access to personal data stored by an external provider. This external provider suffered a hack that allowed unauthorized access to identifying and contact information of El Corte Inglés customers, including names, surnames, addresses, and card numbers used exclusively for purchases at the company.
The company sent an email detailing the incident and the security measures implemented, in addition to informing that the case has been reported to the relevant authorities in data protection and cybersecurity. In the statement, El Corte Inglés reminded its customers that it will never ask for passwords, security codes, or confidential information by phone, email, or text messages.
Although the compromised data is not sufficient to make fraudulent payments, the company assured customers that their cards can continue to be used safely, whether in physical stores, on the web, or in the company's application. El Corte Inglés stated that it detected and rectified the incident immediately through its implemented security and detection protocols.
In case of any suspicious communication, users were advised to contact customer service directly through the provided toll-free number or by sending an email to the corresponding address. The company apologized for the inconvenience caused to its customers, reaffirming its commitment to the protection of user privacy and the security of personal data, as well as demanding its provider to implement additional measures to prevent future incidents.
