Boomerang Investigating Alleged Hack, Unable To Find “Conclusive Evidence” So Far

Rental service Boomerang Games have begun an investigation with a third party to try and discover if they were hacked and credit card information was stolen. A couple of weeks ago many of their customers started reporting credit card fraud, including our own Dom, on a card he only used for Boomerang and Amazon.

An update on their Facebook page says they were advised against sending a “blanket email” to all their customers, as this may have broken “ICO Guidelines warning against “over-notification”, whatever they are.


The following statement was posted on their Facebook page.

The investigation is progressing with the authorised, Third Party specialist we have appointed.
This is at the forensic level and is detailed and painstaking work. As yet, they have not been able to find conclusive evidence of a breach or how this might have taken place. Of course, this could change, as the investigation progresses, and we will keep you informed on this.
Understanding what has happened and where, with regards to compromised card details is very important to us also.

In other news, guess what? The credit card I use for Boomerang was just charged over £1500 at a “woman’s sport store” in Rotherham. I’m not sure if NatWest phoned because of the large payment or that they knew that I was unlikely to be doing any lady sports.

If you are a Boomerang customer keep a close eye on your bank account.

Source: Facebook



  1. Never knew there were official guidelines on “over notifying”. But there are. The ICO basically says “don’t email 2 million customers if only 2000 were affected”.

    Which is very sensible. Could lead to massive costs for everyone involved if 2 million people panicked and cancelled cards.

    Of course, everyone will moan about not being notified once they’ve heard of 1 person having an issue. Even if that’s the only person affected. In which case it sucks to be that 1 person, but at least they have a good excuse to cover up any secretive lady sports activities ;)

  2. So how come, when Sony couldn’t prove they weren’t hacked, they had to face the world and paint a worst case scenario picture (which the press then took as verbatim and had a field day with), yet these clowns can do the opposite, because they can’t find any evidence, it didn’t happen in their eyes..

    What a screwed up world we live in. The company that did the right thing and cane clean about their hack, turned out not to be hacked (no PSN details have ever emerged and no increase in credit card fraud ever appeared either). The company that are brushing their problem under the carpet seem to have more evidence arriving constantly that contradicts their story…

    • “we don’t know why PSN is down”, 2 days later “oh yeah its because we switched it off” Sony did lie, that’s just a fact.

      • I’m guessing you don’t understand how the grown up world has to work. One day when you are old enough to understand maybe.

        There are legal requirements that have to be met, forensics also take time. You also have to balance the PR aspect. Do you REALLY think that Sony should have told the world they had been hacked at the same point in time that they discovered something was amiss….

        Sony did precisely the right thing. As soon as it was discovered they may have been hacked, they turned it off. As soon as they knew they had been hacked, they announced it, as soon as they knew the extent of the hacks (after lengthy forensics) they gave factual details.

        Microsoft just brush their hacking under the carpet and pretend it never happened.

      • Still doesn’t alter the fact they lied. And kudos in managing to get some Sony praising and Microsoft bashing related this article! You have made me laugh on this miserable morning as I head to work!

      • Lol pretending you are old enough to work.

      • Ha ha I actually laughed out loud at that! I’m old enough to know better than to argue with such an intellect as yours but I can’t resist.

  3. Welcome to TSA and goodbye.

    • Sorry I removed the spam post so now yours looks a bit funny :P

  4. Hmm, glad I received a new card in the post this weekend then… :|
    While I’m not a regular Boomerang subscriber, they’ve been great the few times I have used them so fingers crossed they come back clean.
    Can’t see many people using them if they have indeed been hacked and, to my knowledge, they are the only providers of rental games these days now Blockbuster is dead and buried.

Comments are now closed for this post.