Fast Retailing Co. said hackers may have gained access to the personal information of about half a million users of its Uniqlo and GU brand e-commerce portals.
Hackers accessed at least 460,000 accounts registered on Fast Retailing’s Japanese shopping websites, the company said in a statement Monday. Users’ personal information, purchase history and parts of credit card numbers may have been accessed, the Tokyo-based retailer said.
The hack occurred from April 23 to May 10, and the company is still investigating. There have been no reports so far of information being used by a third party, the company said.
Fast Retailing has taken measures to block the unauthorized access and invalidate the passwords of the affected accounts. It also asked all affected customers to reset their passwords to access the company’s online stores.
The casual clothing store operator said identification numbers and passwords previously leaked from other website operators may have been used in the unauthorized access.
“We deeply apologize to our customers and pledge to prevent this from happening again,” the company said in a statement.
Consumer data security has become a growing concern for corporations as e-commerce proliferates, with an increasing number of retail and services companies reporting incidents.
Last year, Cathay Pacific Airways Ltd. and Marriott International Inc. were among those reporting that hackers had accessed customers’ personal information.
The Fast Retailing incident was limited to the Japanese websites and the breach was a list-based attack, the company said. Such access can happen when customers use the same ID and password combinations on multiple websites. The company advised users to change their passwords.
Fast Retailing has been investing heavily to build up its e-commerce operation. Internet sales made up 10 percent of its domestic sales in the first half of the company’s current fiscal year. It doesn’t disclose the total number of online users.