NSW woman lost $1000 when her The Iconic account was hacked

Customers of The Iconic fashion retailer have slammed the online boutique’s response to a recent major hacking incident.

Jessica Byrne from NSW said her store account was hacked and $1000 in products ordered over the holiday period.

She was only alerted when her bank texted her husband a code to complete another purchase.

Watch the latest news and stream for free on 7plus >>

“We woke up to a text from the bank,” Byrne told 7NEWS.com.au.

When Byrne checked her bank account, she saw there had been at least four fraudulent purchases from The Iconic.

The hackers had used the payment card saved on Byrne’s account, and she said she did not receive any emails confirming the orders.

Other affected customers have reported hackers changed the email address attached to their accounts so purchase confirmation emails would not be seen.

The Iconic does not require customers to go through any security steps to change their associated email address.

After speaking with her bank and cancelling her card, Byrne tried to log in to her The Iconic account — but found there was no account left to sign in to.

“I tried logging into my account but I was locked out,” Byrne said.

“The Iconic actually deleted my account.”

Jessica Byrne was alerted via a text from her bank that her The Iconic account had been hacked. Credit: Supplied

Byrne tried to contact The Iconic’s customer service team but said she could only reach the bot on the company’s website, which informed her here was no record of her account.

She then attempted to call the phone number listed online for The Iconic but it was no longer working.

Byrne said she eventually received an email from The Iconic stating her account had been deleted.

While she is now seeing refunds from the retailer being deposited into her bank account, she said she has had no further contact from The Iconic.

“They still haven’t communicated with me at all about it,” Byrne said.

“They’ve said they’ve contacted all the impacted customers but I haven’t heard anything.”

The Iconic responds

The Iconic emailed customers on Tuesday morning, advising them to change their passwords — but making no mention of the hacking.

“With scam activity and online fraud on the rise in Australia and New Zealand across all industries, we want to remind you of the importance of account security and encourage you to strengthen your ICONIC account by regularly changing your password,” the email read.

The company this week confirmed the email was sent out in response to accounts being hacked.

“We have recently seen an increase in fraudulent account login attempts … which our security and fraud teams continue to actively manage, in conjunction with our security partners,” a spokesperson said.

“We are working with all customers to address these incidents, which are not a result of a data breach at The Iconic.

“The security of our customer data is of the utmost importance to us and we continue to work with our third-party security partners to protect against all fraudulent activity.

“We encourage all customers to be vigilant when it comes to proactively managing their account security by regularly changing their passwords.

“Our teams are also proactively intercepting unauthorised access attempts and cancelling any fraudulent orders made, in addition to providing customers with full refunds for any successful orders made that have been dispatched.”

The spokesperson declined to comment on Byrne’s account being hacked or deleted, citing “the ongoing nature of the investigation”.

The spokesperson also did not respond when asked to clarify when the first hacking incident occurred.

The hack has been labelled as “data stuffing” — whereby hackers use personal data found online from other leaks to access accounts — instead of a direct data breach at The Iconic.

Byrne is not aware of any her information being leaked.

“We’ve had no issues with any other accounts,” she said.

“They deleted my (The Iconic) account so obviously it was flagged.”

Hackers ordered almost $1000 in products using Jessica’s account. Credit: Supplied

Byrne said she has found The Iconic’s customer service lacking, and was unimpressed to see the company making multiple unrelated posts on its social media at the same time.

“They’re posting new outfits for the Taylor Swift concert — if you’ve got staff doing that, you should be able to respond to customers,” she said.

Other customers have also complained about the retailer’s customer service, with one saying via social media: “The fact you have no active phone number for customers to call is unacceptable. You can’t expect customers who have had their money stolen to do a web chat only.”

Byrne has now gone through her various accounts and changed all her passwords — and set up two-factor authentication “just to be safe”.

“I’m second-guessing everything now,” she said.

She also takes issue with how long the hacking seems to have been going on — with reports online of accounts being compromised in early December.

One customer wrote on popular independent review platform Product Review that their account had been hacked on December 13, warning: “Be very careful with your credit card on file.

“My card was used for a purchase and I am now unable to log into my account.

“The Iconic do nothing about it and the only point of contact is their ridiculous bot.”

FOLLOW US ON GOOGLE NEWS

Read original article here

Denial of responsibility! Todays Chronic is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – todayschronic.com. The content will be deleted within 24 hours.

Leave a Comment