SecurityWeek reports that Woolworths, a major retail company in Australia, has confirmed that its recently acquired MyDeal online marketplace was hit by a data breach that has compromised information from 2.2 million customers.
MyDeal's customer relationship management system was infiltrated through the use of compromised user credentials, which then enabled attackers to access MyDeal customer data, including names, birthdates, phone numbers, email addresses, and delivery addresses. Moreover, 1.2 million of the customers affected by the breach only had their email addresses accessed by attackers, according to Woolworths.
"MyDeal does not store payment, driver's license or passport details and no customer account passwords or payment details have been compromised in this breach. The customer data was accessed within the MyDeal CRM system and the Mydeal.com.au website and app have not been impacted," said Woolworths, which added that its own systems, which are separate from MyDeal's, were not affected by the incident.
Such a breach follows the cyberattack at Australian mobile carrier Optus, which has compromised the ID numbers of 2.1 million individuals.
This week, Dr. Doug raves about: 'The Orgy of the Walking Dead' or Elon is controlling my brain, Schoolyard Bully, Redigo, DuckLogs, Dod Alphabet soup, Sirius XM, Pixel Tracking, TSA, Single Sign-on rants, and more on the Security Weekly News!
SecurityWeek reports that several car brands could be compromised by remote attacks leveraging a vulnerability in Sirius XM's connected vehicle services, which are being used by over 12 million vehicles in North America, including those made by Acura, Honda, BMW, Jaguar, Land Rover, Nissan, Infiniti, Subaru, Toyota, Lexus, and Hyundai.