Australian Information Security Incident Reported: June 1 2019
Australian online fashion e-tailer Princess Polly suffered a data breach which may have exposed customers’ personal and payment information to an “unidentified third party”.
The company warned customers in an advisory note to watch their credit or debit card statements closely and to report unusual activity to their bank.
Princess Polly said that the data breach had been uncovered “recently” and that it impacted customers that shopped on its A/NZ site between 1 November 2018 and 29 April 2019. The attackers may have been able to capture payment details as they were typed into the site
This is the funnies and most unusual incident report you are likely to see. The follow video is a good example how your PR people should follow up on press coverage after your breach goes public.
John Reported (extract)
At the recent Miracle Cure for Insomnia Trade Show, which I think was also called the Auto Aftermarket Expo, sparks flew, between two battery charging Retardistani companies you’ve probably never heard of. There was a highly charged exchange.
The cops were called. There was even an arrest. Sadly, without resistance. That would have been perfect, in the domain of journalism. The alleged victim here – NOCO – that’s ‘N-O-C-O’ – is a 105-year-old Cleveland, Ohio-based maker of battery jump starters (among other things). Allegedly, NOCO had a critical notebook knocked off by an employee of a competitor you’ve probably never heard of, called CTEK. It’s like Alien Versus Predator … only with battery chargers.
At a trade show. “[The employee] stole a notebook from NOCO’s booth that contained NOCO’s sales strategy, contacts and valuable trade secrets. The CTEK employee, whose name has not yet been released, was arrested by Australian authorities.” – Cision PR Newswire
John Cadogan (AutoExpert) runs a YouTube channel focusing on the Australian automotive market.
His “unique” style may not be for all, he is refreshingly unappoligic in his approach.
You can learn a lot from his channel, send him the love, like the video and subscribe.
Australian Information Security Incident Reported: March 13 2019
ASX-listed global outdoors wear and equipment retailer Kathmandu has disclosed it suffered a data breach during the peak post-holidays sales period that saw customers’ personal and payments information captured.
“Kathmandu has recently become aware that between 8 January 2019 NZDT and 12 February 2019 NZDT, an unidentified third party gained unauthorised access to the Kathmandu web platform.
“During this period, the third party may have captured personal information and payment details entered at check-out,” the company said in a statement to the Australian Securities Exchange.
The retailer could not say how many customers are affected.
Australian Information Security Incident Reported: February 06 2019
Bunnings has confirmed it notified the Office of the Australian Information Commissioner of a data breach, after an individual staffer set up an employee performance monitoring database on his home computer and exposed it to the internet.
The database also contained log in credentials for staff and developers, some in plan text, he added.
Furthermore, contact details of 1194 customers were exposed, including email and physical addresses, and phone numbers.
Australian Information Security Incident Reported: December 20 2018
A Big W worker accidentally leaked the personal information of 32 people earlier this year when repairing a printer for a customer, Office of the Australian Information Commissioner (OAIC) disclosures reveal.
The Woolworths-owned discount department store has admitted to an extraordinary instance of human error where an employee enclosed confidential information within a pile of test print-outs provided to a customer to show their printer was fixed.
The document contained the names, addresses and a form of ID for over two-dozen people.