Attempted data breach of Toys "R" Us rewards members accounts
Friday, Feb. 3, 2017
WAYNE, N.J. (WRDW/WAGT) – Toys“R”Us is alerting customers with Rewards“R”Us accounts of an attempted data breach.
According to the company’s IT security team, there was an attempt to gain unauthorized access to Rewards“R”Us accounts and thus redeem some members’ Reward coupons between November 11, 2016 and January 17, 2017.
The company expects this activity is related to previously reported online breaches through the vendor that manages the Rewards”R”Us program, and is not affiliated with Toys”R”Us. In those previously reported breaches, thieves stole login names and passwords.
The company believes thieves were attempting to gain account information including loyalty members’ names, email addresses, mailing addresses, and phone numbers. They do not believe the accounts were access and have no reason to believe that account passwords were compromise. However, the company is recommending all loyalty members change their passwords. They are also working with the vendor to make sure additional security measures are implemented.
If you have a Geoffrey’s Birthday Club account and it is linked to your Rewards”R”Us account, you are also encouraged to change your password.
1. Visit the Forgot Password section of the Rewards”R”Us website,
2. Enter your Membership # and the Email address associated with your account and click "Submit". If you lost or forgot your Membership #, click on "Forgot Membership #".
3. Answer the security question and create your new password. The company recommends a complex password that includes a mix of letters, numbers, and symbols. Do NOT reuse passwords.
4. A pop-up window will appear upon a successful password change.
5. Login to your account using your Membership # or email address and new password.
If you have more questions, contact Toys “R” Us customer care at 1-800-TOYSRUS.