Australian online retail marketplace MyDeal has confirmed a data breach exposing data of approximately 2.2 million customers.
Australian online retail marketplace MyDeal has confirmed a data breach exposing data of approximately 2.2 million customers.
Woolworths purchased 80% of the company in September but said their systems are on a completely different platform and unaffected by the incident.
MyDeal stated that it suffered a data breach after a hacker exploited compromised user credentials to access the company’s Customer Relationship Management (CRM) system, allowing the threat actor to view and export customer data.
The company says that 2.2 million customers were affected by the data breach, with information such as names, phone numbers, email addresses, delivery addresses, and in some cases, birth dates exposed in the attack.
However, MyDeal states that no payment information, government IDs, or account passwords were exposed.
MyDeal has already started to send data breach notifications to impacted customers and say that customers who do not receive one were not affected.
MyDeal does not store payment, driver's licence, or passport details, and no customer account passwords have been compromised in this breach.
On Sunday, the hacker behind the MyDeal breach began selling the stolen data on a hacking forum for $600.
CEO of MyDeal, Sean Senvirtne, said: “We apologize for the considerable concern that this will cause our affected customers. We have acted quickly to identify and mitigate unauthorized access and have increased the monitoring of networks. We will continue to work with relevant authorities as we investigate the incident and we will keep our customers fully informed of any further updates impacting them.”
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?