Footwear retailer Office is urging its online customers to change their passwords following a security breach, which has seen personal details including names and addresses accessed.

The firm says hackers were able to access the personal information of customers who opened accounts before August 2013.

But credit card, debit card, bank and PayPal details have not been compromised in any way, Office chief executive Brian McCluskey says in an email to customers.

Names, addresses, phone numbers, email addresses, birth date, birth month (but not the year of birth) and passwords for Office accounts were accessed.

Customers who opened Office accounts after August 2013 are unaffected by the breach, which Office first became aware of on 22 May.

Office says it has reset customers' passwords, and next time they visit the firm's website they'll need to create a new one. If you're an Office customer who uses the same password for other websites, you should change those too.

It's the second high-profile security breach revealed this month. Last week eBay urged its customers to change their passwords after it revealed information including names, phone numbers and addresses were accessed earlier this year (see the eBay cyber-attack MSE News story for more).

How do I create a new Office password?

Office says you can create a new password by going to its login page and using the 'forgot your password' link to change it.

The retailer says it won't email you to change your password unless you ask it to. It also won't telephone you.

What does Office say?

We're still awaiting a comment from Office, but in his email to customers, McCluskey says: "The protection of your data is of the utmost importance to us and we are treating this extremely seriously.

"Our customers remain our number one priority and we have taken the necessary measures to secure your information.

"We will update you if we get any more relevant information. We are sorry that this has happened and we would like to thank you for your continued support and understanding."

Password tips

There's an art to creating good passwords and making sure they aren't easy for hackers to guess. Here are some of's tips:

  • Make sure it isn't obviously associated with you. Avoid using your date of birth, pet's name, or any other information hackers could easily access on a social network or by going through your bins.
  • Use a mixture of words, numbers and characters. Passwords can still be memorable even when you jumble up numbers and letters, for example: M0n3y5av7ng3xp3rt.c0m!
  • Use different passwords for different sites. This ensures that if someone were to guess one of your passwords, they wouldn't be able to get into all your accounts.
  • Keep them safe. If you're using lots of different passwords, it's tempting to write them down. But that can be dangerous. So try to use a piece of technology that requires a password to get to the passwords.