Customers of the UK payday loan firm Wonga were warned that their personal details might have been stolen. The company explained that it was investigating illegal access to the personal data of its customers in the United Kingdom and Poland. According to the current information, 270,000 new and former customers, of which 245,000 are in the United Kingdom, could have been affected by the data breach.
Wonga offers 3-month loans priced at 1,286% APR and short-term 1,509% APR deals. The company started to contact borrowers last week, telling them there might have been illegal access to some of their personal data on Wonga.com account and offering them support via a dedicated phone line. Wonga said that the compromised data might have included name, email address, home address, phone number, the last 4 digits of a card number and/or bank account number and sort code. The company also believes that Wonga accounts had not been compromised, but customers were recommended to look out for unusual activity there.
This incident may completely destroy reputation of Wonga, which has been criticized for a series of controversies in recent years. The company advertised heavily on TV and via football sponsorships, but the financial regulator has found it issuing loans to customers who could not afford to repay them. Wonga was also found to have chased bad debts with letters from a fake law firm.
According to information disclosed by Wonga, after the introduction of tougher rules on lending it made a pre-tax loss of £80.2m in 2016, up from £38.1m the year before. The company website contains no information about the breach and carries its usual information on how to apply for its loans.