On Tuesday 28 June, Statoil Fuel & Retail closed down its customer portals in Norway, Sweden and Denmark after becoming aware that their information may have been compromised as a result of a data breach. The company has also notified the Data Protection Agency of the situation.
“There are indications that client data may have been compromised. We are taking this very seriously. At this time we do not have a total overview of the scale of the incident, but are working to establish it as soon as possible. As an immediate measure we have closed down these three portals to prevent unauthorised access while we work to identify the problem and install additional security measures”, says Bård Standal, general counsel at Statoil Fuel & Retail.
Statoil Fuel & Retail is working hard to establish what kinds of information may have been extracted from its systems. It cannot currently rule out the possibility that customer information has been compromised.
“We have no information that loyalty card information has been misused, but as long there is a theoretical possibility that it could happen, we are increasing preparedness. Among other actions, we have intensified our monitoring of the cards’ activity”, says Standal.
Statoil Fuel & Retail recommends that anyone seeking assistance should contact their local customer services. Relevant contact details are available on www.statoil.no, www.statoil.se and www.statoil.dk.
“We apologise for any inconvenience the closure of these customer portals may cause our customers. We will publish an update as soon as we have confirmed information from our technicians. The customer portals should be up as soon as any issues are corrected and their information security is safeguarded”, says Bård Standal.
Source: Statoil Fuel & Retail
Update: Thanks to a tweet by @thosheim, I just learned that some evidence of the hack was posted to Pastebin on June 23.