Categorized Directory

Main Menu

  • Home
  • Search directory
  • Web crawlers
  • Collect data
  • Indexation
  • Bankroll

Categorized Directory

Header Banner

Categorized Directory

  • Home
  • Search directory
  • Web crawlers
  • Collect data
  • Indexation
  • Bankroll
Collect data
Home›Collect data›Bunnings conducts and collects data from customers caught in a FlexBooker security breach on the Amazon cloud | Canberra time

Bunnings conducts and collects data from customers caught in a FlexBooker security breach on the Amazon cloud | Canberra time

By Ed Robertson
January 12, 2022
0
0

news, latest news, Bunnings, Amazon, COVID, FlexBooker

Bunnings customers using the company’s COVID-triggered collect and collect service may have had some of their personal data exposed after the software company behind the service suffered a major security breach that affected 3.7 million people worldwide. Online booking platform FlexBooker said that on December 23, its account on Amazon’s cloud platform was compromised after its data storage was accessed and downloaded. In an “incident alert,” FlexBooker said it worked to restore a backup within 12 hours. “After working further with Amazon to understand what happened, we learned that a certain set of data, including some customers’ personal information, was accessed and downloaded,” he said. This included first and last names, email addresses and phone numbers. “Data accessed did not include credit card or other payment card numbers,” he said. In an email to customers on Wednesday afternoon, Bunnings said it had recently been notified of the breach, which may have “included the name and email address you provided when selecting a time slot for a previous Bunnings drive and collect order”. “We take the privacy and protection of customer information very seriously and sincerely regret that this has happened,” the email said. Bunnings assured customers that “passwords, credit card information and mobile phone numbers are not collected when using Flexbooker to make a booking with us”. “We are confident that none of these categories of customer data has been compromised.” The email goes on to say that Bunnings is “currently working with FlexBooker to better understand how the breach occurred in their systems and the extent of the impact.” “We are directly contacting all customers whose name or email address could be seen,” the company said. Bunnings said while customers weren’t required to take action, they were encouraged, as a precaution, to “be wary of unusual activity in their email accounts and change passwords regularly to improve security. in line”. “At Bunnings, keeping your personal information safe is our priority,” he said. The company’s chief information officer, Leah Balter, said they “will thoroughly investigate this incident.” Bunnings, which introduced the drive-and-collect service in April 2020 to 250 stores across Australia in response to COVID, said it had notified the Australian Information Commissioner’s Office (OAIC). READ MORE: An OAIC spokesperson said he couldn’t speak to specific cases, but expected ‘any organization responding to a data breach involving personal information to act quickly to contain the incident and assess the potential impact on those involved”. “If it is likely to cause serious harm and the organization is covered by the Privacy Act, it should notify affected individuals and OAIC as soon as possible,” the spokesperson said. . OAIC received 446 data breach notifications under the mandatory Notifiable Data Breaches program from January to June 2021. Forty-three percent of these breaches resulted from cybersecurity incidents. “Organizations must be proactive in protecting personal information and preventing these breaches,” the spokesperson said. “We advise individuals to react quickly when notified and take appropriate action, such as changing passwords, checking accounts and credit reports, and watching out for scams.” Australian security expert Troy Hunt, who runs the Have I Been Pwned website, tweeted that 3.7 million accounts were hacked and partial credit card data was also taken. A FlexBooker spokesperson confirmed this report to ZDNet, saying the last three digits of card numbers were included in the breach, but no other data. FlexBooker, which also serves other industries including healthcare and the arts, has been contacted for more details about the breach. In its Incident Alert, it also stated that customer passwords included in the data were encrypted and the encryption key was not accessed or downloaded. He has since restored security to his account and “will continue to work with Amazon to maintain security.” Our reporters work hard to provide local and up-to-date news to the community. Here’s how you can continue to access our trusted content:

/images/transformer/v1/crop/frm/130009714/96fd12cb-dd61-479d-b088-66e0c014da5b.jpg/r1_90_1029_671_w1200_h678_fmax.jpg

Bunnings customers using the company’s COVID-triggered collect and collect service may have had some of their personal data exposed after the software company behind the service suffered a major security breach that affected 3.7 million people worldwide.

Online booking platform FlexBooker said that on December 23, its account on Amazon’s cloud platform was compromised after its data storage was accessed and downloaded.

In an “incident alert,” FlexBooker said it worked to restore a backup within 12 hours.

“After working further with Amazon to understand what happened, we learned that a certain set of data, including some customers’ personal information, was accessed and downloaded,” he said.

This included first and last names, email addresses and phone numbers.

“Data accessed did not include credit card or other payment card numbers,” he said.

In an email to customers on Wednesday afternoon, Bunnings said it had recently been notified of the breach, which may have “included the name and email address you provided when selecting a time slot for a previous Bunnings drive and collect order”.

“We take the privacy and protection of customer information very seriously and sincerely regret that this has happened,” the email said.

Organizations must be proactive in protecting personal information and preventing these breaches.

Spokesperson for the Australian Information Commissioner’s Office

Bunnings assured customers that “passwords, credit card information and mobile phone numbers are not collected when using Flexbooker to make a booking with us”.

“We are confident that none of these categories of customer data has been compromised.”

The email goes on to say that Bunnings is “currently working with FlexBooker to better understand how the breach occurred in their systems and the extent of the impact.”

“We are directly contacting all customers whose name or email address could be seen,” the company said.

Bunnings said while customers weren’t required to take action, they were encouraged, as a precaution, to “be wary of unusual activity in their email accounts and change passwords regularly to improve security. in line”.

“At Bunnings, keeping your personal information safe is our priority,” he said.

The company’s chief information officer, Leah Balter, said they “will thoroughly investigate this incident.”

Bunnings, which introduced the drive-and-collect service in April 2020 to 250 stores across Australia in response to COVID, said it had notified the Australian Information Commissioner’s Office (OAIC).

An OAIC spokesperson said he could not speak to specific cases, but expected “any organization responding to a data breach involving personal information to act quickly to contain the incident and assess the potential impact on those involved”.

“If it is likely to cause serious harm and the organization is covered by the Privacy Act, they should notify affected individuals and OAIC as soon as possible,” the spokesperson said.

OAIC received 446 data breach notifications under the mandatory Notifiable Data Breaches program from January to June 2021.

Forty-three percent of these breaches result from cybersecurity incidents.

“Organizations must be proactive in protecting personal information and preventing these breaches,” the spokesperson said.

“We advise individuals to react quickly when notified and take appropriate action, such as changing passwords, checking accounts and credit reports, and watching out for scams.”

A FlexBooker spokesperson confirmed this report to ZDNet, sayingthe last three digits of the card numbers were included in the breach, but no other data.

FlexBooker, which also serves other industries including healthcare and the arts, has been contacted for more details about the breach.

In its Incident Alert, it also stated that customer passwords included in the data were encrypted and the encryption key was not accessed or downloaded.

He has since restored security to his account and “will continue to work with Amazon to maintain security.”

Our reporters work hard to provide local and up-to-date news to the community. Here’s how you can continue to access our trusted content:

Related posts:

  1. Biden administration will not seek to join Open Skies treaty after 2020 release
  2. Emory creates a new institute for personalized medicine in brain health | Emory University
  3. New Barber Shop Instills Bulldog Name and Spirit: Olmsted Dates and Data
  4. CICSE asks schools to submit average grades for students in class 11, internal exam – The New Indian Express

Categories

  • Bankroll
  • Collect data
  • Indexation
  • Search directory
  • Web crawlers

Recent Posts

  • Live-Action TV Spider-Mans Who Didn’t Appear in No Way Home
  • Bennet bill would create federal definition of school shooting, direct incident data collection
  • The 10 Most In-Demand Entry-Level Remote Jobs Landing Right Now
  • Face-Scanner Clearview accepts the limits of the legal settlement | Economic news
  • Ex-minister embroiled in Hellenic row over staff cuts

Archives

  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • Privacy Policy
  • Terms and Conditions