The homeware retailer, Ikea, has issued an apology to Singapore-based customers that may have been adversely impacted by a data breach the firm suffered.
The data breach occurred after the company mistakenly pasted 410 customers’ email addresses into a promotional communication which was then sent out to others who had signed up to receive marketing material.
The data breach took place as the email was sent out at 4:57pm last Thursday, a spokesman for Ikea explained.
The Swedish retailer “regretfully made an error of inserting 410 individual email addresses in the ‘To’ field in an Ikea service delivery promotion e-mail sent to our customers,” the spokesperson said, adding that the email address list had been placed in clear view for all recipients.
A swift follow-up email was put together as soon as those responsible for the mistake realised what had happened. However, an internal draft apology was accidentally included in the second email.
“In our haste to notify the custo-mers as quickly as possible, we again made a mistake by sending half the recipients an internal draft of the apology notice instead, an oversight that we are embarrassed about,” Ikea said.
The company has since underlined the seriousness with which it takes data protection and securing customers’ private data. The firm says it has notified the Personal Data Protection Commission (PDPC) in Singapore.
The terms of the PDPC stipulate that organisations must generally have the consent of the data subject when harvesting, storing or sharing personal data.
In July, global beauty retail brand, Sephora reached out to its online customers following its discovering of a data breach hitting users in Australia, New Zealand, the Philippines, Thailand, Indonesia, Malaysia and Singapore.
Also in July, the PDPC launched an investigation into Geneco, after the firm inadvertently compromised the email addresses of over 350 prospective customers.