If you’re a Toys ‘R’ Us loyalist, listen up! Last week Toys ‘R’ Us sent an email to customers stating that they would be resetting their account passwords due to an attempted breach by hackers over the holiday season. Public relations manager Nicole Hayes told NBC News the hacking attempt was “related to earlier online breaches of websites not associated with Toys ‘R’ Us, Rewards ‘R’ Us or our vendor.” The company is urging customers to reset passwords, as the company believes the hackers may be trying to find passwords users have across multiple sites.
Names and addresses may have been compromised in the attack but no credit card details, banking or payment information was in the database.
In an email to customers, the company said the thieves may have been trying to exploit how users have identical passwords for multiple accounts.
The company is reinstating any decrease in points during the attack, which occurred from November 11, 2016 to January 17, 2017. Customers should receive any lost points within a week.
"We are also working with our vendor to ensure they implement additional security protocols to prevent future threats," said Hayes.