Australian Retail Email Error, 23 April 2024

Personal data of ‘thousands’ of Hungry Jack’s staff exposed in internal leak

An email to 198 staff from the training and communication portal, included an attached spreadsheet of staff information.

Source: Personal data of ‘thousands’ of Hungry Jack’s staff exposed in internal leak | SMH

View more incidents relating to the Retail sector and incidents relating to email.

Hungry Jack’s confirmed an internal data leak exposing staff personal details, including minors. 198 employees received an email from the burger chain’s training and communication portal, that included an attached spreadsheet of staff information outlining full names, job titles, personal email addresses, start dates, and employment classifications.

The burger chain has recalled and deleted most emails and has implemented additional security measures to prevent future similar incidences, he said. No passwords were disclosed, but employees were urged to regularly change their passwords.

The Retail and Fast Food Workers Union (RAFFWU) has criticised Hungry Jack’s response to the internal data breach as “fanciful” and “farcical”, slamming the burger chain’s claims that only 198 people received the spreadsheet and that it had successfully recalled and deleted emails. The union is also demanding that workers on minimum wage be paid $3000 compensation for the leak.

Hungry Jack’s head of capability, Melissa Anderson, said the inadvertent message was the result of an “internal processing error”.