A number of users of K-Citymarket website were victims of a system error.
Screenshot on the K-Citymarket website, where there is a notice of disruption. Kesko/Screenshot from website
Many Kesko customers have become aware of the special problems of the K-Citymarket website over the past 24 hours.
– My information reads the name of a random woman in Helsinki. I logged in with my own IDs, one of the users told me Message service in Jodel.
– Yep. The name, address and contact details are. I logged in with my own ID and confirmed with the email code yet. Still, one completely unknown name, another user writes.
In Jodel, many said on the offer radar channel that they ended up in the service while logging in to another customer’s account, which could see their names, telephone numbers, addresses and Plussa card numbers.
Kesko acknowledges problems such as the description in his online services.
-We know where customers have logged in to the K-Citymarket.fi online store and has encountered an incorrect information view that has also contained information from another individual customer, says a representative responsible for Kesko’s IT Pia Rytilahti.
– We immediately began to investigate with technical experts and service administrators. Based on our survey so far, the misconduct has been affected by a very small number of customers: about 15 customers.
Rytilahti says that the occurrence of similar new cases is prevented by disabled the possibility of logging in to the service. In addition, maintenance has been centrally recorded by all clients who logged out of the service.
– Currently, shopping can be made as a guest, so to speak, without logging in.
According to Rytilahti, Kesko will thoroughly determine the background of the situation and to take the necessary measures based on it.
– We also make relevant service to the authorities. If the customer has detected the situation described above, it may be notified to the Kesko Data Protection Officer to the Data Protection Officer (A) Kesko.fi. Contact will be answered as soon as possible.
According to Rytilahti, it is not possible to store payment card information to the service, ie this information is not available there. As a result, there was no danger that other customers’ purchases have lost money from their own account.