Woolworths claims that the personal information of 2.2 million customers of a website it owns has been compromised.
Woolworths-owned MyDeal announced today that “a compromised user credential was used to gain unauthorised access to its Customer Relationship Management (CRM) system, resulting in the exposure of some customer data.”
Woolworths said in a statement that it is in the process of contacting the estimated 2.2 million people affected by email. The data accessed includes customer names, email addresses, phone numbers, delivery addresses, and, in some cases, the customer’s date of birth for anyone who has had to prove their age when purchasing alcohol. According to the company, only 1.2 million customers’ email addresses were exposed.
“MyDeal does not store payment, driver’s licence or passport details and no customer account passwords or payment details have been compromised in this breach,” Woolworths said.
It stated that the Mydeal.com.au website and app were not affected. There has also been “no compromise of any other Woolworths Group platforms or the Woolworths Group customer or Everyday Rewards records”.
MyDeal CEO Sean Senvirtne said, “We apologise for the conside
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: