Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Kids’ shoes seller Start-rite suspends sales following breach

Re-used your creds elsewhere? Might wanna change those

Children’s shoes retailer Start-rite Shoes has suspended sales following the discovery of an attack by hackers last weekend.

UK-based Start-rite reckons hackers may have obtained customer names, postal address, telephone number and email address of its clients.

Payment details are not stored on the site and therefore should be safe. Start-rite has nonetheless decided to suspend ops in order to run a full security audit, as an advisory note by the retailer explains:

At the weekend, an unauthorised person managed to breach the security of our website and we reacted immediately implementing a security fix. As an extra precaution we have temporarily taken startriteshoes.com offline whilst we implement a full security audit.

Our system doesn't allow us to currently take orders or payment over the phone, so clients should be wary of approaches on that from because they are likely to come from criminals. A heightened risk of phishing in general in the biggest practical outcome of the breach.

Although reassuring customers that “password information is also secure”, Start-rite is still advising customers to change their login credentials once the site is back up and running. This isn’t terribly reassuring, especially when set alongside Start-rite's advice to change passwords on third-party sites should customers have re-used the same login credentials elsewhere.

A simple statement that passwords were hashed and salted used industry best practices would have been more reassuring.

All this aside, Start-rite is apologising to its customers for its temporary suspension of services, though the likely duration is currently unclear. It promised to run a sale offering 20 per cent off full-priced items and a 70 per cent discount on select goods once it returns online.

Start-rite screenshot

The front page of Start-rite’s site states that the site is down for maintenance work, which is taking longer than expected. Information on the breach comes from a customer notification email seen by El Reg.

Norwich-based Start-rite – which describes itself as a world leader in children’s fitted footwear – is yet to confirm a breach via its official Twitter feed either. El Reg invited it to clarify the situation but is yet to receive a reply.

Boot-note

Thanks to Reg reader Leo for the head's up on the breach.

Similar topics

TIP US OFF

Send us news


Other stories you might like