Halfords suffers a puncture in the customer details department

2022-06-23 08:30

UK automobile service and parts seller Halfords has shared the details of its customers a little too freely, according to the findings of a security researcher.

Like many, cyber security consultant Chris Hatton used Halfords to keep his car in tip-top condition, from tires through to the annual safety checks required for many UK cars.

Again, all customer details associated with that ID could be retrieved.

In January, Hatton responsibly contacted Halfords to warn the company of the vulnerability.

"The Register contacted UK watchdog the Information Commissioner's Office and was told:"We do not appear to have received a data breach report from Halfords on this matter.

The incident is reminder of the need for organizations to provide an open channel of communication for researchers and, for goodness' sake, to stop ejecting customer details upon the slightest prod.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/06/23/halfords_data_leak_vulnerability/