Over 240,000 customers of a UK-based ice rink, Planet Ice, have been affected by a hacking incident on its systems. Many of Planet Ice’s customers first noticed the issue when a server downtime message appeared on the ice rink firm’s official website.
Planet Ice then sent a notification email to all affected customers upon learning of the security incident. Based on the message, the company’s “Ice Account” system had been broken into by unknown hackers, allowing them to have unauthorised access to the system’s non-financial areas.
Exactly 240,488 Planet Ice customer accounts were exposed to hackers.
During an analysis of the security breach, researchers discovered that 240,488 customer accounts had been exposed to the threat actors, which comprised sensitive data. Some of these compromised customer data are full names, birthdates, genders of children, email addresses, IP addresses, phone numbers, passwords, residential addresses, and purchase-related information.
Despite hackers being unable to steal financial information from the victims, security experts are still concerned about the exposed customer data involved in the hack. Suppose a user uses the same stolen password on all their other online accounts. In that case, it is advised to immediately update them, as it is only a matter of time before hackers take advantage of the opportunity to hack them as well.
The compromised data could also be utilised for other attacks, such as identity theft or phishing. Thus, those that received the notification email from Planet Ice must closely monitor any suspicious activities from unknown entities leveraging their information.
Some affected customers expressed their frustration on social media, especially since they first heard of the issue from media reports and other sources besides the ice rink company itself. Nonetheless, the company highly encourage people to be extra cautious and treat all communication attempts from unknown entities as suspicious.
External cybersecurity teams and the Information Commissioner’s Office (ICO) have already been contacted to aid the ice rink company in investigating and resolving the incident.
