Dutch Steel Homeware Maker Brabantia Has Been Popped

The company sent a vague email to consumers, saying that "as part of our routine monitoring, we have been made aware that our database accounts have been subject to unauthorised access in the last 24 hours and that some customer details may have been compromised.”

The data potentially affected is limited to names, “email (address),” and products ordered, according to Brabantia

It’s unclear whether "email (address)" means postal as well as email address, however both pieces of information are retained in website accounts.

Brabantia cancelled all account passwords, which raises the question of whether those credentials were encrypted.

“El Reg signed up for a Brabantia account and found none of the typical red-flags suggesting passwords may be stored in plain text – the most common reason for a rescinding of all passwords following a breach,” the Register reports.

After signing up for an account, users receive an email displaying their password as a series of asterisks of standard length (not the actual number of characters in the user’s password). Another indication of relatively sound security is that users can choose a lengthy password.