Wiggle investigating suspected cyber attack on customers' accounts

Wiggle has promised to get back to customers directly regarding an alleged cyber attack on its website.

The online multisport retail giant appears to have fallen victim to a cyber security breach, with a number of its customers reporting that they have received order confirmations for items they didn't purchase, and the delivery addresses were to locations they didn't recognise.

@Wiggle_Sport Are you under cyber attack? I've received an email to say someone's changed my account to their email address and I cant access your website.

— hayley badger (@hayleybadger) June 14, 2020

After alerts were first raised on 12 June and there were reportedly no responses from Wiggle on the matter, one customer got in touch with road.cc directly today to claim that a £30 order was made on his account.

In the tweet below, another claimed that an order for a £237.50 Castelli skinsuit was made without his knowledge.

@Wiggle_Sport someone broke into my account and ordered this. I told c ustomer services as it happened but no one has come back to me. pic.twitter.com/ydhe8tDUiU

— Kobi Omenaka (@Kobestarr) June 15, 2020

The tweet below is the first we have seen where Wiggle confirmed it is taking action, saying its account security team is investigating and customers affected will be contacted directly.

@Wiggle_Sport Are you under cyber attack? I've received an email to say someone's changed my account to their email address and I cant access your website.

— hayley badger (@hayleybadger) June 14, 2020

A number of people who say they have been targeted had complained on Wiggle's social media pages, but in most cases the retailer appears to have just issued brief responses with no further acknowledgement regarding the issue; road.cc has asked Wiggle for a statement.