Australian Retail Privacy Breach, 08 September 2023

Dymocks warns customers of data breach after account information leaked on dark web

Customers’ addresses, email addresses, phone numbers, and membership details may have been compromised

Company Statement: DYMOCKS DATA BREACH UPDATES
Source: Dymocks warns customers of data breach after account information leaked on dark web | ABC News (Australia)

View more incidents from Defence sector and incidents relating to privacy breaches

Book retailer Dymocks has warned its customers that some of their information may have been “compromised” and leaked onto the dark web after a cybersecurity breach earlier this week.

Customers were sent an email on Friday afternoon detailing the issue and asking them to be “vigilant”, change their passwords and monitor their bank accounts for “any unauthorised activity”.

Dymocks said it did not know which or how many customers had been impacted or how the breach occurred.

Given that passwords might be on the dark web, Dymocks said customers should change the passwords for their online accounts — including their Dymocks accounts and social media accounts — and monitor their bank accounts.

The investigation is ongoing, the kinds of information impacted vary from person to person (depending on what they have provided us with) and may include:

• name;
• date of birth;
• email address;
• postal address;
• gender; and
• membership details for Booklovers such as your gold expiry date, account status, member created date and card ranking.

Dymocks also stated “Importantly, as we never hold or store customer financial information this information would not be in the customer record.”