Compromise of credit card details.
Malicious website intrusion.
Undertaking issued to ensure that the website is subject to continued penetration testing and kept to an appropriate level of security.
Reason for action
Security measures in place were deemed insufficient to prevent a determined attack.
09 August 2011.