ShopBack Customer Information Accessed Illegally

When making purchases online, there’s a more-than-zero percent chance that your personal info might be compromised.

Unfortunately, this happened to ShopBack customers today whey they discovered that someone accessed a system which contains customer data.


ShopBack is a cashback website which allows you to redeem cash or gifts when you use their platform to shop.

On Friday (25 Sep), they sent an email warning customers of the breach and to assure them that the access was removed. They’re also cooperating with authorities.

While passwords are encrypted, they advise to change your password as a precaution.

Unauthorised ShopBack system access removed

In the email shared with us by an MS News reader, ShopBack says that some days ago, there was an unauthorised access to their system which contains customers’ personal data.

They’re still confirming what data was compromised.

ShopBack removed the access as soon as it was discovered, and are looking into making enhancements to their system as a reaction.

The system should contain data like your name, phone number, and address. ShopBack said they do not store card details on their systems.

Advised to change password

The ShopBack site is still usable as there wasn’t any disruption to the website or other business operations.


However, they do advise that customers change their passwords as a precaution.

This is even though passwords on the system are encrypted.

Have unique passwords for your accounts

Apologising to customers for this unsettling news, ShopBack promises to take steps to ensure breaches don’t happen again in the future.

Judging from other cases where companies were fined for security breaches involving customer data, ShopBack may be punished as well.

Indeed, customer data breaches can be very dangerous in this day and age. They can be used for identity fraud, for example.

This makes having unique passwords for every platform that much more important, as you never know which account will be compromised.

If you use the same password for every account, hackers can get a hold of other accounts under your email address.

Have news you must share? Get in touch with us via email at

Featured image adapted from Facebook.