Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Wonga Data Breach: Almost 270,000 customers could be affected

Payday loan firm Wonga says it is “urgently investigating” a potential data breach that could have affected up to 270,000 customers.

The company says the hack involved “illegal and unauthorised access” to the personal data of current and former customers in both the UK and Poland, with up to 245,000 UK borrowers potentially affected.

It remains unclear where the hack took place, but Wonga is said to have known of the attack for more than a week – though it initially didn’t believe data had been stolen.

Related: Best VPN

The lender has began making customers aware of the hack on Saturday, providing details of a dedicated customer services phone line.

Affected borrowers were informed that the data accessed may have included names, email addresses, home addresses, phone numbers, the last four digits of card numbers (but not the whole number) and/or bank account numbers and sort codes.

According to the firm, customers’ login details for their online accounts didn’t seem to have been stolen at this point.

In a statement, it said: “We do not believe your Wonga account password was compromised and believe your account should be secure, however if you are concerned you should change your account password.”

A message sent to those affected read: “We believe there may have been illegal and unauthorised access to some of your personal data on your Wonga.com account.”

The company also said in a statement that it was “working closely with authorities” and is “in the process of informing affected customers.”

The police, Information Commissioner’s Office (ICO), and the FCA have all been made aware of the suspected breach. with a spokesperson for the ICO telling The Guardian: “All organisations have a responsibility to keep customers’ personal information secure. Where we find this has not happened, we can investigate and may take enforcement action.”

If you’re concerned that you may have been affected, the company advises contacting your bank and asking them to be monitor for suspicious activity.

It also says customers should be more aware of online or telephone scams, and has set up a help page with advice, which can be found here.

Let us know what you think of the data breach in the comments.

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have 9 million users a month around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.