Wine retailer Vinomofo has become the latest Australian business to be targeted by hackers, with reports suggesting as many as half a million customers may have had their information exposed.
A letter to customers published by security expert Troy Hunt, revealed that a wide variety of personal data may have been stolen by the attackers.
“An unauthorized third party unlawfully accessed our database on a testing platform,” it noted. “Information about you that was contained in the database that may have been accessed may include name, gender, date of birth, address, email address and phone number.”
Although the firm claimed that “the risk to customers and members” is low – and that the firm doesn’t store passport, driver’s license or financial information – the info potentially exposed could put customers at a high risk of receiving convincing phishing emails going forward.
It’s unclear how many individuals were affected by the incident, but reports suggest Vinomofo has around 500,000 customers.
The news comes just days after Woolworths Group subsidiary MyDeal revealed that 2.2 million customers may have been impacted by a breach of its CRM systems, after hackers got hold of an employee’s access credential.
“The MyDeal customer data which has been accessed includes customer names, email addresses, phone numbers, delivery addresses, and in some instances, the date of birth of customers (who have previously been required to prove their age when purchasing alcohol),” it said in a statement.
“For 1.2 million customers involved in the breach only their email addresses were exposed.”
Info cited by Hunt on Twitter appears to suggest the hackers are already looking to sell the data online, having released a small trove to prove they mean business.
The back-to-back breaches come just days after Australian telecoms player Optus revealed that a major breach in September exposed data on over two million of its customers.