Details of almost 450,000 customers compromised in Fastway Couriers hack

Names, addresses and contact details of 446,143 parcel receivers, all of whom were customers of Fastway’s clients, were compromised in the attack. The hacked data relates to Fastway deliveries over a month-long period from mid-January onwards, the company said in a statement.

The data in question is information used for the purposes of delivery, and no financial data or other personal data has been compromised, it added.

On learning of the cyber breach, Fastway said it advised the Data Protection Commission and the Gardaí. Fastway has also made the requisite data breach submission to the Data Protection Commission.

The cyber-attack was identified by Fastway’s third-party IT development contractor on February 25 and was fully mitigated by 9am on February 26. The third-party contractor advised Fastway of the breach on March 2.

Danny Hughes, chief executive of Fastway Couriers, said it is “distressing” that the IT system was compromised by a “malicious hack”.

“I deeply regret that people’s personal data has been compromised and I apologise to our clients and their customers. I want to stress that nobody’s financial data was at risk and the issue is limited to delivery information only,” Mr Hughes said.

“We will continue to work closely with the DPC, the Gardaí and our clients to manage this situation in line with best practice.” 

Fastway said it has engaged an IT consultancy to conduct an incident response and independent review of the cyber-attack.