Northampton-based insurance firm Staysure has written to more than 90,000 customers warning them they could have been victims of fraud, after their card details were stolen in a cyber attack.
The security breach at the firm, which is based in The Lakes, happened in October last year, and led to the theft of data including the three-digit verification number on payment cards.
Staysure has written to 93,389 policy holders who took out policies before May 2012, asking them to check their bank statements.
Chief executive Ryan Howsam said: “In the attack, encrypted payment card details of customers who purchased insurance from us before May 2012 may have been stolen, along with CVV details and customer names and addresses.
“In May 2012 we changed our systems and ceased to store any financial data so any customer who joined us after that date is unaffected.
“As soon as we became aware of the problem on November 14, we immediately removed the software and systems that the attackers exploited, and we are confident that we have taken the right steps to protect our customers in the future.
“We immediately hired independent experts to understand the extent of the problem and now we have written to every affected customer to warn them and to ask them to check that they have not been the victims of any fraud as a result.
“We deeply regret that this has happened and are working diligently to make sure that inconvenience to customers is minimised.”
Staysure has since offered affected customers free access to a 24/7 identity monitoring service.
The firm, which is one of the fastest-growing insurance companies in the country, has a customer base of 1.5 million people.