Woolworths Group Subsidiary 'MyDeal' Leaks Personal Data of 2.2 Million
Last Month, Telecom Company 'Optus' Also Exposed Data of 9.8 Million
Australian Government Pledges to Strengthen Privacy Laws
On the 14th (local time), a data breach occurred at 'MyDeal,' a subsidiary of Woolworths Group, Australia's largest retail group, exposing the personal information of 2.2 million customers. Photo by Reuters Yonhap News
[Asia Economy Reporter Kim Sung-wook] A data breach incident occurred at a major online shopping mall in Australia, exposing the personal information of 2.2 million customers. Australia also experienced a leak of personal data of 9.8 million mobile carrier customers last month.
According to The Australian and other local media on the 16th (local time), unauthorized access occurred on the 14th to the customer management system of 'MyDeal,' a subsidiary of the Woolworths Group. As a result, personal information such as customer names, email addresses, phone numbers, delivery addresses, and dates of birth were exposed. MyDeal stated that they informed affected customers of this fact via email.
However, MyDeal clarified, "Payment details, driver's licenses, passwords, and other sensitive information were not stolen," and "For 1.2 million people related to the breach, only email addresses were exposed." They also explained that there was no data damage in other Woolworths Group retail channels such as 'Woolworths' and 'Everyday Rewards.'
Following the incident, Shaun Sanverton, CEO of MyDeal, said in a statement, "We will cooperate with relevant authorities while investigating the incident," and "If additional damages are confirmed, we will notify customers."
Woolworths, Australia's largest retail group, acquired MyDeal last month for about 200 million dollars and currently holds an 80% stake in MyDeal. Peter van der Merwe, Chief Security Officer (CSO) of Woolworths Group, emphasized, "The Woolworths Group's cybersecurity and privacy teams are working closely with MyDeal to support this response."
This incident occurred less than a month after the personal information of 9.8 million customers was leaked from Optus, Australia's second-largest mobile carrier. Optus disclosed on the 22nd of last month that a hacking incident exposed the personal information of 9.8 million customers. The exposed information included names, dates of birth, phone numbers, addresses, as well as passport and driver's license details. Recently, Australia's largest health insurance company, Medibank, also experienced an attack on its network system.
Due to repeated cybersecurity incidents, millions of Australian citizens are feeling anxious about personal information leaks, leading to reissuance of driver's licenses and passports. The Australian government is considering raising fines imposed on companies for data breaches to levels comparable to those in the European Union (EU). On the 30th of last month (local time), Australian Prime Minister Anthony Albanese stated, "Australian companies must do everything possible to protect personal information," and "We will work to strengthen privacy laws."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
