Lakeland hacked and passwords reset, customers advised to change passwords elsewhere

Lakeland, the home of all things kitchenware, has been hacked.

In a email sent to customers yesterday, it reported it had suffered a “sophisticated and sustained” attack, with the hackers gaining access through a “very recently identified” Java flaw.

Lakeland email

Potential security breach of Lakeland website.

Late on Friday July 19th we discovered that the Lakeland website was being attacked by hackers in a sophisticated and sustained attack. Immediate action was taken to block the attack, repair the system and to investigate the damage done and this investigation continues.

Today it has become clear that two encrypted databases were accessed, though we've not been able to find any evidence that the data has been stolen. However, we have decided that it is safest to delete all the customer passwords used on our site and invite customers to reset their passwords next time they visit the Lakeland site. Next time you log-in to your Lakeland account you will be asked to reset your password and provide a new one. It is not necessary to do this straight away, just the next time you want to use the account.

While Lakeland reports it’s found no evidence that any data was stolen when two encrypted databases were accessed, it has reset customers’ passwords anyway.

Lakeland also advised that if you use the same password elsewhere on the web then you should change it straight away.

Good advice. If you use a different password on every account you hold, you make things much more difficult for hackers who might try to gain access to your other online accounts.

So repeat after us: I will not use the same password on multiple accounts.

And use a complicated and hard to guess password for each site you use. If you’re worried you won’t be able to remember them all, use a password manager like LastPass or KeePass.