Ford Money Data Breach 1 August 2023

masonic

Growingold said:

I'm a FORD Money customer and I didn;t receive any email about any competitiion results.  I hadn't even known they were running one.  Did other Ford Money customers receive one?

Was this a scam maybe?

It might be the case that only those agreeing to receive marketing communications would get such an offer.

TheWoodler

I received no emails about any competition being run by Ford Money - I’m signed up to receive marketing communications, as well as checking into the website regularly, and you’d think they would have publicised the competition in the first place as well as emailing the results.

It also seems strange for financial institutions to run competitions. Many do offer prize draws in return for marketing surveys or response to user community questions, but a prize draw is not a competition. Crucially, prize draws fulfil certain criteria legally that prize competitions do not - competitions are more complex legally as promotional activity. 

When was the competition, and what were the prizes? Another one whose first thought is ‘scam’, I’m afraid. 

DeLaSole

Hi LikeaDream,

Has your relative written to the ICO to report the breach?

Best wishes.

friolento

Another Ford Money customer here who had not heard of any competition by them before, and has not had the emails mentioned. There also doesn’t appear to be any coverage of a Ford Money GDPR breach in the news. I am not sure whether and why I should now be worried about any malware. I agree, it is more likely a scam. 

@LikeaDream, can you share the text of the two offending emails, and the email header information? What was the email address the sender used? What was the competition, when was it run? How many email addresses have been  revealed? 

FindingBBob

lcooper said:

Another Ford Money customer here who had not heard of any competition by them before, and has not had the emails mentioned. There also doesn’t appear to be any coverage of a Ford Money GDPR breach in the news. I am not sure whether and why I should now be worried about any malware. I agree, it is more likely a scam. 

@LikeaDream, can you share the text of the two offending emails, and the email header information? What was the email address the sender used? What was the competition, when was it run? How many email addresses have been  revealed? 

It wasnt a scam, calm down - I got the competition email. I didn't enter. It was about telling stories about what you have saved for etc I don't remember the details. I doubt it would hit the news as the numbers of customers impacted will be small. As i didn't enter I did not receive the email that @likeadream references.. but I would not be worried, your email address has likely been scrapped numerous times (mine has), this is just a clerical error . I guess the competition may have been product specific, I have their flexible saver. You may also want to check if you have marketing permissions switched on or off - if off I doubt you would not have got the original email. 

friolento

FindingBBob said:

lcooper said:

Another Ford Money customer here who had not heard of any competition by them before, and has not had the emails mentioned. There also doesn’t appear to be any coverage of a Ford Money GDPR breach in the news. I am not sure whether and why I should now be worried about any malware. I agree, it is more likely a scam. 

@LikeaDream, can you share the text of the two offending emails, and the email header information? What was the email address the sender used? What was the competition, when was it run? How many email addresses have been  revealed? 

It wasnt a scam, calm down - I got the competition email. I didn't enter. It was about telling stories about what you have saved for etc I don't remember the details. I doubt it would hit the news as the numbers of customers impacted will be small. As i didn't enter I did not receive the email that @likeadream references.. but I would not be worried, your email address has likely been scrapped numerous times (mine has), this is just a clerical error . I guess the competition may have been product specific, I have their flexible saver. You may also want to check if you have marketing permissions switched on or off - if off I doubt you would not have got the original email. 

DOn't worry, I am entirely calm, my email address has never been scrapped, I do have marketing permissions set on in my FM account, but I probably didn't fit the profile of people they were after as I never had more than £20 in my FM account for the last 6 years. Thanks for confirming that there was a competition email, and therefore unlikely that it's a scam.

BooJewels

I got it too - on 21st June.  I just filed it as I'd only opened my account that week, so nothing to tell - they wanted stories about how Ford had helped you save for something.  Not that I would have entered anyway.  This is a paragraph from the centre of the email that sort of summarises it - I've removed the link URL on the T&C as it was a tracker one - but it led to a 2 page pdf on Ford's domain:

"My team will share some of these stories on Ford Money's social channels throughout 2023. The best part? Everyone who shares their story can also enter into a prize draw for a chance to win £1000, which we'll choose at random on 10th July 2023. If you win, we'll add the £1000 to your Ford Money Flexible Saver account balance. See the prize draw terms and conditions for more information."

It all looked legit to me - styling and language consistent with Ford's usual presentation, mouseovers on email addresses went to the Ford domain, headers looked good etc.

jimjames

LikeaDream said:

Many people won't know their email addresses have been compromised. May not have changed their email password in years. Spam and phishing emails could carry malware. Ford Money has no idea how secure or insecure are any of those devices used by their customers and it only takes one malware download out of the hundreds to capture emails and those data breach email addresses.  

This does seem a rather big overreaction calling this a compromise situation that's relying on multiple stages happening for anything to even be breached. It's nothing to do with Ford Money whether an email password has been changed and makes absolutely no difference to the security of your relative's email address. If a device has been compromised I suspect that the recipients of one email amongst thousands is unlikely to be top of the list for a hacker to access when far easier sources of email addresses are available. On it's own an email address isn't really going to do much, I'm not sure how bigjim1998@hotmail is going to link to my name or address for example.

flaneurs_lobster

Nothing's been compromised, it's not even a "data breach". Someone has stuck a load of email addresses into "CC" rather than "BC".

Happened in The City a few years back. A new "Gentleman's Club" had solicited membership enquiries by email and then replied "CC" to the prospective members. 

A few names on there raised some eyebrows, even more so that they had used their work email address.

sheslookinhot

LikeaDream said:

On 1 August 2023 Ford Money's Head of Marketing sent two emails to Ford Money savings customers about the result of a competition. Unfortunately, those two emails shared the email addresses and names contained in those email addresses to all other participating current Ford Money customers. I checked for the relative that's now seriously distressed and concerned to find that a large number of those email addresses have been compromised and therefore computers are at risk of potentially running malware capturing email addresses for scammers and spammers. As such all those customers are now at high risk of receiving phishing attacks because the data breach links the email address to a person holding an active Ford Money savings account.

The relative is now so upset at Ford Money's dismissive attitude that I hope Martin Lewis can get the FCE Bank to actually help all those Ford Money customers to be safe and secure.

How much does your relative want ?

just as well your “relative” is not in a real crisis.