„The data breach revealed information such as names, payment card numbers, email addresses, home addresses, phone numbers, gender and dates of birth.”, according to Belgian Data Protection Authority.
Mastercard has notified regulators in Germany and Belgium about a loyalty programme data breach affecting the details of several thousand customers. The card giant noticed on 19 August that customer data from the ‘Priceless Specials’ loyalty programme had made its way onto the internet for „a certain period of time”, says a statement from the Belgian Data Protection Authority.
A „significant portion” of the victims are German, Mastercard says. Belgian authorities were notified because the company has its regional headquarters in Waterloo.
In a statement to Bloomberg, Mastercard says the breach „has no connection to Mastercard’s payment transaction network,” adding that „there was an event involving the Specials loyalty platform in Germany managed by a third-party vendor, which resulted in the unauthorized distribution of certain information”.
David Stevens, chairman, Belgian Data Protection Authority, says: „We have received a lot of questions and complaints since the announcement of this incident, we want to reassure users: we have contacted MasterCard in order to get additional information, and are following this case closely together with the Hessian data protection authority and all the other possible concerned authorities.”
„For more than a week now, ScoreRise enrolls daily hundreds of users through an innovative facial recognition interface. Enrollment takes less than a minute and it does not require presence of a human operator or video recording. And, of course, it stays fully GDPR compliant with help from Reff & Associates and Deloitte Romania.”