An official disclosure has been made, indicating over 800k worth of data breached, that has been uncovered in an Australian retail bookstore.
A retail book store by the name Dymocks which is located in Australia, has gone ahead to inform thousands of its customers over a possible data breach, which has their personal data exfiltrated by a hacker.
The company which has over 60-physical stores, and an online purchasing store stated that on September 6th, an incident was recorded, over unauthorized access into their system, and customers records were eventually compromised.
In a public notice issued on the 8th of September Dymocks Stated:
“We recently became aware of a data breach of customer information. We have a strong commitment to customer privacy and data security and while the magnitude of the breach has not been confirmed or determined at this stage, we are taking immediate actions to investigate the incident and protect customers information.”
The organization stated that the unusual event, was reported by a concerned third-party after discovering a conversation about Dymocks customer records being available on the darkweb. This prompted them to alert their cybersecurity teams, and launch an internal investigation.
Dymocks stated that they are currently on the situation putting all needed effort to determine if the compromise, was as a result of their own security weakness, or that of a third-party service, that has processed their customers data on their behalf.
They also stated a clear understanding of the number of their customers whom may have been impacted by this attack, is yet to be determined, and their security team, are working hard to get a close range of impact to their customers.
However, the company also disclosed that sensitive information that may have been possibly obtained in the compromise, include: names, date of birth, email address, postal address, gender, and membership details of Booklovers which includes: gold member expiry date, account status, member created date, and card ranking.
The company has also given information to its customer, on quick actions to take upon noticing that they might have been breached.
Please do let us know in the comment section what are your thoughts about this.