Play.com confirms security breach

Following our previous article about an apparent email address leak at Play.com, the company has confirmed that a security breach has occurred.

In an email to its customers, Play.com stated that the breach occurred at a marketing company, resulting in customer names and email addresses being compromised:

"We are emailing all our customers to let you know that a company that handles part of our marketing communications has had a security breach. Unfortunately this has meant that some customer names and email addresses may have been compromised.

We take privacy and security very seriously and ensure all sensitive customer data is protected. Please be assured this issue has occurred outside of Play.com and no other personal customer information has been involved."

Many customers already appear to have received spam as a result of this breach, apparently including some who had opted out of receiving marketing emails from Play.com.

An information security manager at Play.com refused to tell Netcraft which marketing company was responsible for the breach.