The Wisepay data breach occurred between late evening on 2nd October and 10am on 5th October 2020.
It is understood that the school payments system was hacked over the weekend in question, meaning that parents’ sensitive information has been exposed. The Wisepay data breach is said to have affected around 300 school payment systems across the two-day period. The breach may have affected any parents who inputted their details into the payment page on their schools’ systems.
Wisepay took down their site as soon as the breach was discovered at 10am on the 5th October and have stated that only a small number of parents should have been affected as their system does not require daily payments.
Information exposed in the Wisepay data breach
We understand that the hackers were able to modify the Wisepay payments page to send users to their own ‘spoof’ payment page. This means that users could be directly imputing their card details into the hacker’s website, not the Wisepay one as they would have thought. This means that the hacker had access to card details of all the attempted payments made over the weekend, leaving victims open to fraudulent attacks by the cybercriminal(s).
In a letter to schools, Wisepay has said it does not store any payment information itself and none of their own records were leaked. It was explained to parents that, if they did not attempt to make a payment to one of the 300 affected schools between 2nd and 5th October, it is most likely that they will have not been affected.
What do I do if my card information was stolen?
If your card information has been stolen in the Wisepay data breach, it is important to cancel or pause the card you used and to monitor your account for any fraudulent activity that may have occurred since the incident. Speak to your bank or building society the relevant company involving the card and seek their advice and instruction also.
In the letter to schools, Wisepay warned parents who think they might have been affected by the Wisepay data breach to pause or cancel the payment cards they used on their site. Also, in a pre-emptive attempt to stop the hackers, they also said to change any online banking passwords that relate to their Wisepay account as well.
It is important to note that, if your data has been stolen in the Wisepay data breach, you could be eligible to make a compensation claim with the Group Action Lawyers.
Start your data breach claim
If you have been a victim of the Wisepay data breach, you could be eligible to claim compensation with the Group Action Lawyers.
If you have been subject to any fraudulent activity as a result of the breach, you could claim compensation for any money lost. We can also look at the distress and loss of amenity caused by the loss of control of your personal data, as well as any financial losses or expenses incurred as a result of the breach too.
We have helped thousands of victims recover millions in damages across a range of multi-party and group action claims, and our expert legal team is here to help you next.
Contact us today to discuss your potential case on a free and no-obligation basis.