British Gas has now contacted around 2,200 of its customers warning them that their email address and account passwords were posted online.
The company, however says that it does not think its internal systems have been breached and that BT has taken proactive action and disabled the relevant accounts following the discovery. No bank account or payment information has been revealed, but gaining access to the accounts could have been used to view names, addresses and previous bills.
British Gas, which is owned by Centrica has around 14.7 million customer accounts, with affected users being asked to contact the company or reset their passwords through the company’s website.
An email that the company sent to the affected customers, states:
“I can assure you there has been no breach of our secure data storage systems, so none of your payment data, such as bank account or credit card details, have been at risk.
“As you’d expect, we encrypt and store this information securely.
“From our investigations, we are confident that the information which appeared online did not come from British Gas.”
Until the issue is investigated further, users are currently speculating how the incident occurred. Some experts are suggesting that the perpetrators obtained the information from another breach and simply checked to see if users had recycled the same information.
This alert follows the recent TalkTalk website attack and a glitch on the Marks & Spencer’s website which allowed customers to see each other’s information.