Dear Customer, We are writing to notify you about a security incident with one of delivery partners, Fastway Couriers. Regrettably, Fastway suffered a cyber-attack in which an index within one of their reporting applications was compromised. This index may have included some of your personal data. The personal data consists of your name, address, telephone number and email address only. No other personal data has been compromised. Fastway does not hold any financial or other sensitive personal data. The vulnerability in their system occurred on the morning of the 24th of February and was contained within a time period of approximately 48 hours. During this period an unauthorised intruder gained access to the personal data. Fastway have reported this incident to the Data Protection Commission and will continue to engage with the Data Protection Commission in relation to the incident. They have also reported it to the An Garda Siochána and an investigation has commenced. Furthermore, Fastway have engaged an independent 3rd party to conduct an audit in order to reassure all clients that their systems are fully secure, and take any recommendations that might further enhance this for the future. All development deployments were suspended purely as a precautionary measure until Fastway had conducted a security review, even though this was isolated to only one server which has been contained. Fastway would like to reassure you that they take their obligations to safeguard personal data very seriously and will take all steps necessary to ensure that such an incident does not occur in the future. While they take this breach very seriously they are also satisfied that the personal data involved is limited to name and contact details used to deliver your parcels. Please note, this matter affects parcels delivered by Fastway between January 23th and February 24th, 2021 only. Further updates will be published on the Fastway Website in due course here. |