Digital Retail News
Bunnings Apologises For Data Breach
Bunnings has issued an apology after it was revealed that a data breach had exposed data about employees and customers.
The breach was a result of a staff member setting up an employee performance monitoring system on his home computer. Information included details of Bunnings staff members and comments relating to employee performance; log-in details for staff and developers; and email addresses. home addresses and telephone numbers of 1,194 customers.
Only one store's details were compromised.
Lee Johnstone of security company CTRLBox was told about the breach by an anonymous researcher and informed Bunnings MD, Michael Schneider, on 30th January. The database was swiftly removed.
Schneider said in a statement to CTRLBox:
"On Wednesday (30 January 2019) we learned of an unsecure and unofficial website that contained some customerdata from one of our stores including names, email addresses, phone numbers and physical addresses. The site also included limited team member details such as names and internal ID numbers. No banking or financial data was stored.
"We took immediate action and the site was shut down within the day. We have notified the OAIC (Office of Australian Information Commissioner) and have begun contacting affected customers and team members.
"The site contained the contact details of 1,194 customers and was created by a team member as an administration tool and to assist in keeping local customers updated about activities and events. This was a breach of our data policy guidelines.
"We are sorry that this has happened and would like to reassure our team and customers that we take their privacy very seriously. We are reinforcing our data and privacy policies with our team to prevent something like this happening again.
"Whilst those affected will be contacted directly, if customers or team members have any questions or concerns they can contact privacy@bunnings.com.au or call 1300 558 435."
Source : Insight DIY Team and CTRLBox
Insight DIY always publishes the latest news stories before anyone else and we find it to be an invaluable source of customer and market information.