Select Page

Incident: Australian Bunnings Customers Appear To Be Caught Up in FlexBooker Breach | Crikey

Incident: Australian Bunnings Customers Appear To Be Caught Up in FlexBooker Breach | Crikey

Australian Privacy Breach,
10 January 2022

Bunnings private customer data exposed in data breach

Names, phone numbers and email addresses have been exposed via a third-party website FlexBooker.

Source: Bunnings private customer data exposed in data breach | Crikey

Related Bunnings Warehouse and General Retail reports.

Bunnings customers who used its Drive & Collect service have been told their private information may have been leaked in a data breach affecting a third-party software platform.

Bunnings chief information officer Leah Balter confirmed that customers’ data could be included in the leak. She said said the leak would only include customers’ full name and email address as Bunnings does not collect credit card numbers, phone numbers or passwords when using FlexBooker.

In December 2021, the online booking service FlexBooker suffered a data breach that exposed 3.7 million accounts. The data included email addresses, names, phone numbers and for a small number of accounts, password hashes and partial credit card data. FlexBooker – “On December 23, 2021, starting at 4:05 PM EST our account on Amazon’s AWS servers was compromised.”

 

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

* indicates required


Shares
Share This