Security warning from Play.com - anyone else?

[JB]

Just received the attached. Did anyone else get one. There are none of the usual graphics but the headers look genuine FWIW?

[Ray]

Yes, I've received it this morning as well.

[Simon]

Nothing here yet. 

[RichR]

I've had one as well

[talos]

Me Too

[zappaDPJ]

Me as well. I don't recall giving play.com permission to pass on my details to a marketing communications company.

[gizmo71]

I had some spam sent to the disposable address I use for play.com so I half expected it... It's actually quite good to know that they're on the ball... but bad that they'd given the address to a third party.

[Simon]

[zappaDPJ]

You are not worthy

[Simon]

[Lance]

I've had it too. Oh, and I had the warning from Play!

[zappaDPJ]

Nasty, have you tried an ointment?

[JB]

Me as well. I don't recall giving play.com permission to pass on my details to a marketing communications company.

Nor did I, but it is inevitable I guess. I just use a throw away Gmail address for firms like Play and Amazon.

[Niall]

I find this a little too much of a coincidence. They announce play may be having difficulties with new rulings coming out regarding where their warehouses are then they get hit by a security breach. Makes me wonder if this sort of thing is from rivals.

[David]

I got mine last night not too bothered just take a little care I think Niall has a point but Im not pulling my hair out just yet

[Rik]

I rarely play, I more often explore the Amazon.

[David]

Oh I  never play I have bought from them though 

[Niall]

It's very rare that I use Play. If I'm not bothered by longer delivery dates, then I don't mind, but they are rarely cheaper than their rivals. At least for the things I want anyway.

[gizmo71]

On the odd occasions I buy new I often do so from Play as they don't load the price with postage charges, but these days I buy most stuff nearly new from Amazon marketplace.

Had a second email today as follows

Dear Customer,

As a follow up to the email we sent you last night, I would like to give you some further details. On Sunday the 20th of March some customers reported receiving a spam email to email addresses they only use for Play.com. We reacted immediately by informing all our customers of this potential security breach in order for them to take the necessary precautionary steps.

We believe this issue may be related to some irregular activity that was identified in December 2010 at our email service provider, Silverpop. Investigations at the time showed no evidence that any of our customer email addresses had been downloaded. We would like to assure all our customers that the only information communicated to our email service provider was email addresses.  Play.com have taken all the necessary steps with Silverpop to ensure a security breach of this nature does not happen again.

We would also like to reassure our customers that all other personal information (i.e. credit cards, addresses, passwords, etc.) are kept in the very secure Play.com environment. Play.com has one of the most stringent internal standards of e-commerce security in the industry. This is audited and tested several times a year by leading internet security companies to ensure this high level of security is maintained. On behalf of Play.com, I would like to once again apologise to our customers for any inconvenience due to a potential increase in spam that may be caused by this issue .

[Niall]

Does that mean they'll want this yacht back?

[drummer]

I've been using play.com for several years and haven't received one of these emails.  Nobody loves me...   

[Simon]

Nothing for me yet, either.  Play.com was my very first online shopping experience, and I bought the Highlander DVD.  Loyalty counts for nothing these days.   

[Lance]

I've had the second email tonight as well. I've not used them for a while but do occasionally as I get an additional discount through work.

[zappaDPJ]

I've also received and welcomed the second email as it removed some of the doubts I was having about ordering from them again.

[Lona]

I've now received two also

[vitriol]

Got both mails yesterday. Haven't had any spam so far 

[wecpcs]

Just received the attached. Did anyone else get one. There are none of the usual graphics but the headers look genuine FWIW?

I have had one as well.

Colin

[Rik]

Me too.

[sparky]

Not only did I get one from Play.com,

I've now received a similar one from tripadvisor.com, although this was only to my gmail account.

To our travel community:
This past weekend we discovered that an unauthorised third party had stolen part of TripAdvisor's member email list. We've confirmed the source of the vulnerability and shut it down. We're taking this incident very seriously and are actively pursuing the matter with law enforcement.
How will this affect you? In many cases, it won't. Only a portion of all member email addresses were taken, and all member passwords remain secure. You may receive some unsolicited emails (spam) as a result of this incident.
The reason we are going directly to you with this news is that we think it's the right thing to do. As a TripAdvisor member, I would want to know. Unfortunately, this sort of data theft is becoming more common across many industries, and we take it extremely seriously.
I'd also like to reassure you that TripAdvisor does not collect members' credit card or financial information, and we never sell or rent our member list.
We will continue to take all appropriate measures to keep your personal information secure at TripAdvisor. I sincerely apologise for this incident and appreciate your membership in our travel community.
Steve Kaufer
Co-founder and CEO

[Rik]

Where are they based, Sparky?

[sparky]

Not sure if they have a UK base Rik, but their mailing address is near Boston, USA.

Newton, MA 02464

That must be Massachusetts I guess.

[Rik]

Unfortunate. If they were UK based, at least you could moan to the ICO.

[BrianM]

Got a MS update warning today which maybe has something to do with these security warnings.   Update KB 2524375.

[Glenn]

See http://www.microsoft.com/technet/security/advisory/2524375.mspx