Major Data Breach at Bread Financial Payments Affects Thousands of Customers
- Bread Financial Payments, Inc., suffered a substantial data breach affecting 15,525 customers, with fraudulent activity involving the redemption of credit card rewards points for cash.
- In response, the company has disabled compromised cards, initiated replacements, and promised to restore all lost cash back rewards by May 26, 2023, while working to strengthen its security measures.
COLUMBUS, Ohio – Bread Financial Payments, Inc., a prominent financial services company, disclosed a significant data breach that affected 15,525 of its customers, including 180 residents from Maine. The breach was first discovered on April 28, 2023, although it’s believed to have occurred as early as March 31, 2023.
The breach was perpetrated by an unidentified actor who exploited customers’ personal information to access their credit card rewards points via the company’s Account Center portal. The data in question included the customers’ credit card account numbers, the last four digits of their social security number, and zip code. The fraudster then redeemed these rewards points for cash.
It’s believed that the perpetrator acquired the necessary information from an unknown source not directly associated with Bread Financial’s systems. The extent of the data breach suggests that these were customers who had yet to set up online accounts through the Account Center portal.
The company’s senior director and managing counsel, Lisa Latier, disclosed that the company became aware of the issue when the bad actor started redeeming the rewards points. “As soon as we identified the suspicious activity through our enhanced fraud monitoring, we immediately blocked online access to the Account Center and took measures to prevent further unauthorized access,” Latier said.
In a show of responsibility and a commitment to their customers’ financial security, Bread Financial has disabled the compromised credit cards and has already initiated the process of sending replacement cards to affected customers.
In a notification letter sent electronically on May 22, 2023, the company urged its customers to activate their new cards, destroy the old ones, and update any automatic payment arrangements to avoid disruption to their recurring transactions or subscriptions.
To rectify the situation and as a goodwill gesture, Bread Financial has promised to fully replace the cash back rewards on the compromised accounts by May 26, 2023. Customers requiring assistance or needing to review any activity are advised to call the Care Center at 1-888-819-1918.
