Retail Giant Woolworths Discloses Data Breach Impacting 2.2 Million MyDeal Customers
House › Cybercrime
Retail Big Woolworths Discloses Knowledge Breach Impacting 2.2 Million MyDeal Prospects
By Eduard Kovacs on October 17, 2022
Tweet
Australian retail large Woolworths revealed on Friday {that a} latest knowledge breach has impacted the knowledge of two.2 million MyDeal clients.
Woolworths acquired 80% of the MyDeal on-line market in September, however says MyDeal techniques are utterly separate from its personal techniques, which haven’t been impacted by the incident.
In accordance with the corporate, a menace actor leveraged a person’s compromised credentials to entry the MyDeal buyer relationship administration (CRM) system.
This gave the attacker entry to MyDeal buyer knowledge, together with title, e mail handle, cellphone quantity, supply handle and, in some circumstances, date of delivery. Woolworths mentioned 1.2 million of the impacted clients solely had their e mail handle compromised.
“MyDeal doesn’t retailer cost, drivers licence or passport particulars and no buyer account passwords or cost particulars have been compromised on this breach. The shopper knowledge was accessed inside the MyDeal CRM system and the Mydeal.com.au web site and app haven’t been impacted,” the corporate defined.
Impacted clients are being notified by way of e mail. Authorities have additionally been knowledgeable.
Information of the breach comes a couple of weeks after Australian telecommunications firm Optus disclosed a cybersecurity incident impacting practically 10 million people, together with 2.1 million who had numbers related to their identification paperwork compromised.
Associated: Australia Flags Robust New Knowledge Safety Legal guidelines This 12 months
Associated: Australian Company Regulator Discloses Breach Involving Accellion Software program
Associated: Australia Mulls Harder Cybersecurity Legal guidelines After Knowledge Breach
Get the Every day Briefing
- Most Current
- Most Learn
- Zimbra Patches Below-Assault Code Execution Bug
- Zoom for macOS Incorporates Excessive-Threat Safety Flaw
- Retail Big Woolworths Discloses Knowledge Breach Impacting 2.2 Million MyDeal Prospects
- New ‘Status’ Ransomware Targets Transportation Trade in Ukraine, Poland
- Fortinet Admits Many Units Nonetheless Unprotected In opposition to Exploited Vulnerability
- 75 Arrested in Crackdown on West-African Cybercrime Gangs
- New ‘Black Lotus’ UEFI Rootkit Supplies APT-Stage Capabilities
- Cybersecurity M&A Roundup for October 1-15, 2022
- Flaw in Microsoft OME Might Result in Leakage of Encrypted Knowledge
- Timing Assaults Can Be Used to Verify for Existence of Non-public NPM Packages
On the lookout for Malware in All of the Fallacious Locations?
First Step For The Web’s subsequent 25 years: Including Safety to the DNS
Tattle Story: What Your Laptop Says About You
Be in a Place to Act By Cyber Situational Consciousness
Report Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant
2010, A Nice 12 months To Be a Scammer.
Do not Let DNS be Your Single Level of Failure
The best way to Determine Malware in a Blink
Defining and Debating Cyber Warfare
The 5 A’s that Make Cybercrime so Engaging
The best way to Defend In opposition to DDoS Assaults
Safety Budgets Not in Line with Threats
Anycast – Three Causes Why Your DNS Community Ought to Use It
The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Pondering Organizations
Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise