Wiggle has today confirmed that a number of its customers' accounts had been fraudulently accessed. The Portsmouth, UK based company is the largest UK online cycle retailer and also owns Chain Reaction Cycles and Bike 24.
Wiggle’s direct data hasn’t been hacked or breached. The issue has occurred where customers use the same password across multiple accounts. Fraudsters have been able to obtain passwords from outside of Wiggle’s network and they then scan the internet to find other accounts in which the password works for. At that point they have been able to access the Wiggle account.
As reported by
road.cc, complaints about unusual transactions and data being changed have been dated back to June 12, including the below purchase of a Castelli skinsuit worth £237.50:
Cyclist magazine also reported on a customer who had a £75 purchase on his account that was due to be shipped to Russia. The customer was later unable to access his Wiggle account after his password was changed.
Wiggle CEO Ross Clemmow today confirmed that a breach had taken place and issued the following statement:
| Data security is of the utmost importance to us. We’ve investigated the isolated incidents where accounts have been accessed, and we understand a small number of customers’ login details have been acquired outside of Wiggle’s systems and some have been used to gain access to Wiggle accounts and purchases made.
We have taken steps to identify these compromised accounts and we will be individually contacting these customers. All impacted customers will be refunded. To protect our customers, all accounts will require the re-entry of card details for the next purchase.
We are aware that where customers utilise the same password across multiple websites, fraudsters with access to some details can feasibly use these to try and gain access to genuine customer accounts. We recommend our customers change their password if they have any concerns. We would like to assure our customers we’re prioritising all enquiries related to this issue.—Ross Clemmow, CEO |
Cycling Industry News is reporting that Wiggle customers will now be required to re-enter their card details on future transactions. It is recommended that Wiggle customers change their passwords immediately, especially if they use the same password across multiple websites.
Article updated for clarity
What annoys me the most is the amount of ‘out of stock’ listings even when you have selected otherwise in filters-even before C19.
For too long they have been complacent and its bit them on the arse.
Many times I've googled something and found nice prices just to click on the link and found it out of stock or discountinued.
It's really annoying.
Thankfully in Australia we now have some good competitive local online shops like MTB Direct, Pushys and BikeBug.
TBH I haven't used 99 Bikes much so can't really say. There's a shop close to me that I've been into a couple of times which seems alright, although it looks like they cater more to the "casual" end of the market.
Jenson USA all the way!!
Just found out last week that my LBS now offers free shipping on 50$ or more orders and they put all their stock online since the pandemic.. will order from then now!
Funny that good successful companies make it big & some rich person that does not need any more money tries to manage that success, does not work, other example would be Santa cruz?
Common sense cries "Bullshit!" when all of the other ads for the same fork are over $1500, and so just to see what thet were really selling, I clicked on the ad. It took me to a page for a rear shock, not even a fork, and while the shock was $459, I checked the price on the Fork they showed in there ad and the actual price on there website was $1719.
My mom has a degree in advertising as likes to tell us all about marketing schemes and advertising strategies, so, being P.O'ed (pissed off) I wrote them some polite hate mail, demanding they fix their advertising.
The first thing they did was send me this:
"Hello
Our customers are what make us tick. We only recommend products that we would use ourselves and we won’t be beaten on price, but how was the Wiggle experience? All feedback, whether good or bad is always warmly received so we can take steps to continue to improve or rightly give a pat on the back for Team Wiggle.
Your feedback here is most appreciated and we will take this on board and raise with the appropriate teams.
Thank you for taking the time to pass on your experience and we hope that we can continue to meet – if not exceed - your expectations."
I don't want to be placated! I want them too be honest! I sent them another email pointing out what they were trying to do,and they agreed to fix that one ad, but that they couldn't fix all there ads on other websites because there were too many.
Anyway, I wouldn't buy anything from 'em. I would rather support my 4, 5, or 6 local bike shops. Wiggle Stinks.
Thanks for listening to my rant, peeps. Have a lovely day
Hey Wiggle - should I be the one with concerns?
YOU store personal information, including payment details, YOU get breached and I'm the one who needs to take action, "if I'm concerned"?