In January 2022, customers of Vision Direct were informed that their financial information might have been compromised in a data security incident.
This page explains how the data breach happened, the facts of the case, and the consequences for the affected customers.
The breach occurred after hackers accessed the Vision Direct website (www.VisionDirect.co.uk). Those affected by the breach placed an order online between 10.38am on Wednesday 22 December and 14.20pm on Friday 24 December 2021.
If you made a Vision Direct purchase online during this time, you could have been involved in this data breach.
According to an email from Vision Direct, “the financial information compromised during this time included credit or debit card numbers, expiry dates and CVV security codes. This information could be used to conduct fraudulent transactions and we recommend that you contact your bank or credit card provider immediately and follow their advice.”
Only customers who entered payment details during the breach period are affected. This includes the following payment methods: Visa, Mastercard, Maestro and American Express. Customers who used other payment methods to make their purchases (e.g. PayPal, saved card details, etc.) are not believed to be affected by the theft.
Those affected by the Vision Direct data breach were at serious risk of fraud and financial losses. Vision Direct warned those at risk to:
Worryingly, this was not the first Vision Direct customer data breach. In 2018, 16,300 customers were put at risk when the company discovered malware across its websites. On that occasion, 6,600 people may have had financial data compromised.
See our answers to the FAQs we get asked about the Vision Direct data breach.
In January 2022, some customers of Vision Direct were informed that their financial information might have been compromised after hackers accessed the Vision Direct website (www.VisionDirect.co.uk).
The hackers got hold of the following data:
If you placed an order on www.VisionDirect.co.uk between 10.38am on Wednesday 22 December and 14.20pm on Friday 24 December 2021 you could be affected. Only customers who entered their payment details during this time were involved in this breach. Those affected by the incident should have been informed.
Anyone who thinks they might be involved should take immediate steps to protect themselves.
Vision Direct claimed that it resolved the immediate issue and took steps to prevent any further possibility of data theft. It also made improvements to better detect any malicious attempts to access its website. .