BreachExchange mailing list archives
Bunnings customers exposed in data breach
From: Terrell Byrd <terrell.byrd () riskbasedsecurity com>
Date: Thu, 13 Jan 2022 10:00:57 -0500
https://thenewdaily.com.au/finance/consumer/2022/01/13/bunnings-customers-data-breach/ The personal information of some Bunnings Warehouse customers has been compromised after a significant data breach at a third-party provider. Bunnings Australia has been caught up in a major cyber security attack after its US-based booking platform, FlexBooker, revealed the data of an estimated 3.7 million users, including Australian shoppers, was exposed to a hack in December. Bunnings’ chief information officer Leah Balter confirmed to The New Daily on Thursday the company was aware of the data security breach experienced and had warned customers. The issue affected customers who used Bunnings’ Drive and Collect service , Ms Balter said. She said Bunnings had taken a “cautious approach”, ensuring the customer information shared with its third-party provider was limited to full names and email addresses. “We are aware of a data security breach experienced by one of our third-party booking providers, which may include the data of some of our customers who have booked a timeslot when utilising our Drive & Collect service,” Ms Balter said. “We’re continuing to work with the third-party provider to further understand the details of how this breach occurred, and the processes being put in place to correct it and we’re reaching out directly to any customers whose name or email address may have been accessed. “Bunnings’ customers are not required to enter sensitive personal information through this provider, such as passwords, mobile numbers, or credit card information, so we are confident that none of these categories of customer data have been compromised.” The matter had been reported to the Office of Australian Information Commissioner – the national independent regulator for privacy and freedom of information – and Bunnings has posted an update on its website. “Bunnings takes the security of our customers’ and team members’ personal information very seriously, and will carry out a thorough investigation into this incident,” Ms Balter said.
_______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Bunnings customers exposed in data breach Terrell Byrd (Jan 14)