Rain has informed its subscribers that their personal information may have been accessed by cybercriminals following a security breach at the company.
This followed the discovery of unauthorised access to Rain’s invoice storage system by its cyber-security team.
Rain CEO Willem Roos told MyBroadband the security breach occurred after a recent complex upgrade to a variety of their systems.
“This means that some of your historical invoices may have been accessed, with the information limited to your name and postal address,” Rain said.
Roos added that the breach affected only a small portion – around 10% – of their customers.
Despite this breach, the company assured subscribers that their sensitive information was secure and that no action was required from them.
Rain added there has been no unauthorised access to any systems that stored information such as login details, ID numbers, banking, or card details.
“To protect our customers, Rain does not directly store any payment-related information,” it said.
“This sensitive data is stored off-site with an independent specialist partner, utilising bank-level security.”
Rain said its “rigorous security measures were successful in ensuring that further sensitive information remains secure and private”.
The company is now working with the relevant authorities to investigate the unauthorised access.
Rain added that the security vulnerability which allowed criminals to access their system has been identified and remedied.