David Jones privacy hack leaves online shoppers vulnerable
DAVID Jones’ database of online shoppers has been breached, with an unknown number of customers’ personal details stolen by hackers.
DAVID Jones customers’ personal details have been illegally accessed after the department store’s IT systems were hacked into last week, the retailer has revealed.
The news comes a day after Kmart experienced a similar online security breach.
The Australian Federal Police are investigating the breach, which happened last Friday, as detailed in an email sent to customers at lunchtime today.
“As soon as David Jones learned of the incident, we moved swiftly to prevent any further unauthorised access,” said the statement, which also appeared on the company’s Facebook page.
“We sincerely apologise that this has occurred and want to assure you, as a valued customer of David Jones, that we are doing everything we can to make sure this does not happen again.”
It is unclear how many customers’ details were accessed; David Jones said it had contacted those affected directly as soon as it became aware of the breach, then opted to make a wider announcement today in the interests of openness and transparency.
The hackers gained access to the customers’ names, online shopping order details, mailing and email addresses — especially concerning for anyone who has deliveries sent to their home.
The company said that no credit card information, financial information or passwords were accessed, and that there was no need to change account settings.
“David Jones takes its customers’ privacy seriously,” the company said in a statement on its website.
“The vulnerability which was used to access the data has been shut down ... This type of unauthorised access is a crime and unfortunately, cybercrime is a persistent threat in today’s world. Despite our best efforts, no business is immune and we sincerely apologise that this has occurred.”
David Jones reported the hack to the Australian Federal Police, Attorney-General’s department and the Office of the Australian Information Commissioner (formerly known as the Privacy Commissioner).
The company does not retain shoppers’ credit card information and stores personal data only where necessary for the ordinary course of business, guided by its privacy policy.
“There is no evidence the data has been misused,” David Jones said.
“We are committed to making this right and are taking action to reduce the likelihood of this happening again. We are reviewing our systems, security measures and working with expert security consultants. Protecting our customers is of paramount importance to us.”
The statement also warned customers to be on the lookout for “unsolicited phone calls or emails that appear to be sent by David Jones” and ask for personal information.
“David Jones will not be calling individuals in relation to this matter unless expressly requested to do so by you.”
Customers with concerns are invited to email David Jones’ privacy team.
Telco misleads 9k customers over NBN speeds
Telstra downgraded the upload speeds for thousands of its Belong NBN customers without telling them or lowering the price.
Demand to Dutton on penalty rates
A major union is calling on the Coalition to pledge support for retail workers’ penalty rates ahead of a Fair Work fight.
Aussie food chain reveals surprise best seller
A fast-growing Australian food chain has revealed its best selling item as it announced a $7.3 million profit for the first half of this financial year.