LOQBOX advises customers to check their financial accounts following recent cyber attack
Customer data is likely to have been compromised following the 20 February attack.
Credit-building company LOQBOX has announced that it was the subject of a cyber attack on 20 February, and some of its customers’ personal information is likely to have been compromised.
While the company says that all funds remain secure and it is functioning as normal, it has issued advice to customers to contact their bank or card issuer to see if they’ll need to take any action and to use the advice on the Action Fraud website for more information on how to protect themselves.
What is LOQBOX?
LOQBOX is an alternative credit-building product for those looking to build or improve their credit score. Customers “buy” a LOQBOX and then set up a direct debit that automatically deposits money into the account each month. LOQBOX then reports whether these deposits are finance repayments and reports them to a credit reference agency, which is then recorded on the customer’s credit history.
LOQBOX has also warned affected customers that they may be the victim of potential phishing attacks, in which an individual poses as LOQBOX or another business and attempts to lure customers into providing further personal details. LOQBOX says it will never contact customers asking for their financial details.
Phishing warning
If you’re a LOQBOX customer and you get a call, email or text from someone claiming to be from LOQBOX or another company and requesting your banking or card details, it’s likely to be a phishing scam. Never give your bank or card details to a company that calls you, without verifying its identity. And if you get a scam call, report the incident to your bank or card issuer.
Many phishing scams are sophisticated and convincing, and scammers may use a number of tactics to lure you into giving them your personal and financial details. This includes pressuring you to act by providing a short deadline, offering rewards or incentives, or using your personal information that has previously been compromised to make themselves seem legitimate.