Australian bookstore chain Dymocks Booksellers, which also operates in Hong Kong and New Zealand, has been impacted by a data breach
that has compromised more than 836,000 customers, reports BleepingComputer
After being informed by Have I Been Pwned creator Troy Hunt of its customer data being stolen, Dymocks said that ongoing investigation has so far revealed the theft of customers' full names, birthdates, email and postal addresses, gender, and membership information. However, no financial details have been affected, according to the book retailer, which noted no evidence suggesting any compromise of its systems and a potential third-party security incident is still being looked into.
Data stolen from the breach, which was confirmed to involve 1.2 million user records for 836,120 unique Dymocks accounts, has been spread on hacking forums and Telegram channels since June, said Hunt.
Moreover, one of the most recent BreachForum reboots was discovered by BleepingComputer to have a post selling access to stolen Dymocks data earlier this month.
Dymocks customers have been urged to not only immediately replace their passwords but also be more vigilant of potential phishing scams.