Incident: Australian company Amart Furniture has 100k warranty customers details breached
Australian Retailer Data Breach, 20 May 2022
Australian company Amart Furniture has 100k warranty customers details breached
Database hosted on AWS was the source of the information
Source: Have I been Pwned
In May 2022, the Australian retailer Amart Furniture advised that their warranty claims database hosted on Amazon Web Services had been the target of a cyber attack. Over 100k records containing email and physical address, names, phone numbers and passwords stored as bcrypt hashes were exposed and shared online by the attacker.
Correspondance to affected customer reportedly from Amart said
“As a customer who has made a warranty claim, we’re writing to let you know that Amart Furniture has become aware of a data breach that may potentially affect you.
We were made aware late yesterday that our warranty system hosted externally by Amazon Web Services was involved in a cyber attack and some data was breached. Note – this breach only affects customers who have previously made a warranty claim.
Important: no customer financial information or credit card data has been affected.
We can confirm that basic contact information including names, addresses and phone numbers may have been breached. We wanted to let you know to give you the option of taking extra precautions.
The issue is now resolved and as a matter of course we are notifying the appropriate regulatory authorities. All active warranty claims are unaffected.
We very much regret that this breach has occurred and we’d like to apologise for any inconvenience.”