Thousands of Wonga customers have had their details leaked online
Payday lender Wonga has contacted thousands of customers across the UK following a major data breach.
The company confirmed it had called in the authorities after detecting a leak last Friday.
The leaked data is thought to include customer email addresses and phone numbers, but also personal bank details, including account numbers, sort codes, addresses and the last four digits of users' bank cards.
Up to 245,000 current and former Wonga customers could be affected, the company said, as well as a further 25,000 in Poland.
The biggest cyber-attacks, hacks and data breaches Wed, March 15, 2017
From viruses to data breaches, cyber-crime is far from a modern invention – here is Express.co.uk's list of some of the biggest attacks in history.
Play slideshow GETTY 1 of 13
Google's Chinese operations were targeted in 2009
In a statement, Wonga apologised for the breach, which it called "illegal and unauthorised.”
The company urged customers to watch out for any "unusual activity" on their accounts and said it was now working to contact affected customers.
However Wonga said it did not believe the information leaked would leave people at risk of having money stolen.
"We will be alerting financial institutions about this issue and any individuals impacted as soon as possible, but we recommend that you also contact your bank and ask them to look out for any suspicious activity," Wonga said in a statement on its website.
If you think you’ve been the victim of a cyberattack, check out Express.co.uk’s guide on the next steps to take here.
Get Quotes on Home Insurance
Wonga has said it will start contacting affected customers shortly
The news is the latest blow to hit Wonga in recent months as the company endures a difficult period.
The company, owned by Sports Direct head Mike Ashley, saw pre-tax losses more than double last year
This followed several high-profile incidents which saw Wonga slammed for charging customers thousands in annual percentage rates and for fake legal letters.
Outrage over the charges and Wonga’s business practices, as well as other payday lenders, led to a wider Government crackdown on unscrupulous methods in the sector and the imposition of price caps.
Wonga’s apparent lax cyber protection has already been criticised by experts in the security industry.
“Customers that entrust private information to the care of a business should be safe in the knowledge it is kept in a secure manner,” noted David Emm, principal security researcher at Kaspersky Lab.
“Consumers have no control over the security of their online providers. However, they can mitigate the risk of a security breach of an online provider’s systems.
“We would recommend that everyone uses unique, complex passwords for all their online accounts. We would also urge people to take advantage of two-factor or two-step authentication where a provider offers this.”