fbpx

Vision Direct Data Breach

THIS ACTION IS NOW CLOSED

In January 2022, customers of Vision Direct were informed that their financial information might have been compromised in a data security incident. 

This page explains how the data breach happened, the facts of the case, and the consequences for the affected customers.  

What happened in the Vision Direct data breach?

The breach occurred after hackers accessed the Vision Direct website (www.VisionDirect.co.uk). Those affected by the breach placed an order online between 10.38am on Wednesday 22 December and 14.20pm on Friday 24 December 2021.

If you made a Vision Direct purchase online during this time, you could have been involved in this data breach.

According to an email from Vision Direct, “the financial information compromised during this time included credit or debit card numbers, expiry dates and CVV security codes. This information could be used to conduct fraudulent transactions and we recommend that you contact your bank or credit card provider immediately and follow their advice.”

Only customers who entered payment details during the breach period are affected. This includes the following payment methods: Visa, Mastercard, Maestro and American Express. Customers who used other payment methods to make their purchases (e.g. PayPal, saved card details, etc.)  are not believed to be affected by the theft.

Those affected by the Vision Direct data breach were at serious risk of fraud and financial losses. Vision Direct warned those at risk to:

      • Review their credit card or bank account statements ASAP to check for unauthorised transactions or payments.
      • Contact their bank or credit card provider immediately if they suspect fraud.
      • Ask their bank to block any cards they may have used on the website during this time.

Worryingly, this was not the first Vision Direct customer data breach. In 2018, 16,300 customers were put at risk when the company discovered malware across its websites. On that occasion, 6,600 people may have had financial data compromised.

Vision Direct Data Breach Timeline

  • Wednesday 22 December - Friday 24 December 2021
    Vision Direct experiences a major security breach when it is hacked.
  • 5 January 2022
    Vision Direct informs customers that they could be at risk and warns them to protect themselves from fraud and theft.

Your questions answered

See our answers to the FAQs we get asked about the Vision Direct data breach.

FAQs about the Vision Direct data breach

In January 2022, some customers of Vision Direct were informed that their financial information might have been compromised after hackers accessed the Vision Direct website (www.VisionDirect.co.uk).

The hackers got hold of the following data:

      • credit and debit card numbers
      • expiry dates
      • CVV security codes.

If you placed an order on www.VisionDirect.co.uk  between 10.38am on Wednesday 22 December and 14.20pm on Friday 24 December 2021 you could be affected. Only customers who entered their payment details during this time were involved in this breach. Those affected by the incident should have been informed.

Anyone who thinks they might be involved should take immediate steps to protect themselves. 

Vision Direct claimed that it resolved the immediate issue and took steps to prevent any further possibility of data theft. It also made improvements to better detect any malicious attempts to access its website.  .