Louise, a former employee of cosmetics giant Shiseido, shares her harrowing experience after her data was stolen in a breach. Criminals targeted Louise by applying for a loan in her name and then pressuring her to transfer money to them. When she refused, they resorted to threats, including posting naked photos of her online.
Shiseido reported the incident to the Information Commissioner’s Office and informed staff about the data breach. However, the company remains uncertain about how the employees’ data was compromised. Victims, including Louise, have also received letters from Companies House regarding fraudulent company registrations in their names.
Louise recounts receiving a call from someone claiming to be from her bank, who already had her personal information and informed her of the loan taken out in her name. Realizing the situation was suspicious, she contacted her actual bank and discovered an unauthorized payment in her account. The criminals later called her back, demanding that she send the money to their account and issuing threats when she refused.
Another victim, Angela, discovered she had been named as a director for a company she had no knowledge of. Fraudsters claiming to be a tax rebate company also applied for tax rebates on behalf of Shiseido employees, diverting the payments to themselves. Some rebates were genuine, but others were fabricated.
Shiseido has offered affected individuals access to credit and identity monitoring services, along with regular updates and support. The company has also obtained a court order to remove company details from employees’ addresses and is cooperating with HMRC to address the tax rebate fraud.
