NPower cyber attack - customers warned personal details may have been breached - Mirror Online
NPower cyber attack - customers warned personal details may have been breached
The firm, owned by E.ON - one of the UK's big six energy suppliers - has not revealed how many people may have been affected by the cyber attack
mirror
SHARE
1COMMENTS
Npower said it has alerted those who may have been affected and "immediately locked" their account
Get our money-saving tips and top offers direct to your inbox with the Mirror Money newsletter
Enter your email
Sign up
When you subscribe we will use the information you provide to send you these newsletters. Sometimes they’ll include recommendations for other related newsletters or services we offer. OurPrivacy Noticeexplains more about how we use your data, and your rights. You can unsubscribe at any time.
Energy provider Npower has removed its app after stolen login data was used to access customer accounts.
The firm, owned by E.ON - one of the UK's big six energy suppliers - has not revealed how many people may have been affected by the cyber attack.
It is believed that personal contact details and partial financial information may have been obtained, according to MoneySavingExpert.com, although full account numbers appear not to have been taken.
Npower said it has alerted those who may have been affected and "immediately locked" their accounts.
"We identified suspicious cyber activity affecting the npower mobile app, where someone has accessed customer accounts using login data stolen from another website. This is known as credential stuffing," the company said in a statement.
The Information Commissioner's Office (ICO) and Action Fraud have been informed of the incident (Image: Getty)
RELATED ARTICLES
Tesco customers say they have been double charged on transactions since Septembermirror
British Airways set to pay out 'up to £2.4billion' to 500,000 data breach victimsmirror
"We've contacted all affected customers to make them aware of the issue, encouraging them to change their passwords and advice on how to prevent unauthorised access to their online account.
"We immediately locked any online accounts that were potentially affected, blocked suspicious IP addresses and took down the npower app."
The Information Commissioner's Office (ICO) and Action Fraud have been informed of the incident.
Npower said the app was already set to be withdrawn as part of "existing wind-down plans".
"Protecting customers' security and data is our top priority and our robust defences helped us to identify this recent attack," the firm added.
138212091369
"It's important we all continue to stay secure online and urge customers to avoid reusing the same password across multiple websites."
The ICO confirmed it had been notified, saying: "Npower has made us aware of an incident affecting their app and we are making enquiries."
The firm, owned by E.ON - one of the UK's big six energy suppliers - has not revealed how many people may have been affected by the cyber attack
mirror
SHARE
1COMMENTS
Npower said it has alerted those who may have been affected and "immediately locked" their account
Get our money-saving tips and top offers direct to your inbox with the Mirror Money newsletter
Enter your email
Sign up
When you subscribe we will use the information you provide to send you these newsletters. Sometimes they’ll include recommendations for other related newsletters or services we offer. OurPrivacy Noticeexplains more about how we use your data, and your rights. You can unsubscribe at any time.
Energy provider Npower has removed its app after stolen login data was used to access customer accounts.
The firm, owned by E.ON - one of the UK's big six energy suppliers - has not revealed how many people may have been affected by the cyber attack.
It is believed that personal contact details and partial financial information may have been obtained, according to MoneySavingExpert.com, although full account numbers appear not to have been taken.
Npower said it has alerted those who may have been affected and "immediately locked" their accounts.
"We identified suspicious cyber activity affecting the npower mobile app, where someone has accessed customer accounts using login data stolen from another website. This is known as credential stuffing," the company said in a statement.
The Information Commissioner's Office (ICO) and Action Fraud have been informed of the incident (Image: Getty)
RELATED ARTICLES
Tesco customers say they have been double charged on transactions since Septembermirror
British Airways set to pay out 'up to £2.4billion' to 500,000 data breach victimsmirror
"We've contacted all affected customers to make them aware of the issue, encouraging them to change their passwords and advice on how to prevent unauthorised access to their online account.
"We immediately locked any online accounts that were potentially affected, blocked suspicious IP addresses and took down the npower app."
The Information Commissioner's Office (ICO) and Action Fraud have been informed of the incident.
Npower said the app was already set to be withdrawn as part of "existing wind-down plans".
"Protecting customers' security and data is our top priority and our robust defences helped us to identify this recent attack," the firm added.
138212091369
"It's important we all continue to stay secure online and urge customers to avoid reusing the same password across multiple websites."
The ICO confirmed it had been notified, saying: "Npower has made us aware of an incident affecting their app and we are making enquiries."