Kmart Australia suffers a data breach, customer information stolen
October 2, 2015 |
Kmart announced on 30 September 2015 that it had suffered suffered a data breach, caused by hackers. Customer information, including email, billing and delivery addresses were stolen. It said that customer credit card or payment details were accessed.
The media release provides:
| KMART ACTING TO ADDRESS AN EXTERNAL PRIVACY BREACH OF ITS CUSTOMER ONLINE ORDER SYSTEM |
|
KMART ACTING TO ADDRESS AN EXTERNAL PRIVACY BREACH OF ITS CUSTOMER ONLINE ORDER SYSTEM Kmart Australia is urgently addressing an external privacy breach of its customer online product order system that was experienced yesterday. The breach included customers’ identity (name), email address, delivery and billing address, telephone number and product purchase details. No online customer credit card or other payment details have been compromised or accessed. Yesterday, an email was sent directly to those customers whose details were accessed to inform them of this situation and Kmart Australia has posted details of the breach on its social media pages. This breach only impacts a selection of customers who have shopped online with Kmart Australia. If customers have not received a message from Kmart Australia regarding this situation they have not been impacted. As soon as Kmart Australia was made aware of this breach, immediate action was taken to stop any further information being accessed. The safety and security of customer’s private information is a priority for Kmart Australia. Kmart Australia has engaged leading IT forensic investigators and has contacted the Office of the Australian Information Commissioner and Australian Federal Police to thoroughly review this matter. Kmart Australia is unable to make any further comment at this time. Kmart Australia sincerely apologises for any inconvenience this incident has caused and if any customers are concerned they can contact Kmart Australia on 1800 124 125. |
Itnews reports on the breach in Customer data stolen in Kmart Australia hack, which provides:
Retailer Kmart has revealed it is “urgently” working to address a privacy breach which saw customer data stolen by external attackers.
The company yesterday informed affected customers their name, email address, delivery and billing addresses, phone numbers and product purchase details had been taken in the attack.
It insisted that no customer credit card or payment details had been compromised.
The retailer uses ANZ Bank’s CyberSource payments gateway for credit card processing, and does not store the details internally.
iTnews understands Kmart’s online ecommerce platform is built on IBM’s WebSphere Commerce software.
The ecommerce solution also includes the Oracle Endeca enterprise data discovery platform and Coremetrics (also owned by IBM) digital marketing platform, iTnews understands.
Kmart emailed customers who had their information stolen from its online product order system on Tuesday to inform them of the situation.
If a specific customer did not receive the email, Kmart said, their information had likely not been impacted.
“As soon as Kmart Australia was made aware of this breach, immediate action was taken to stop any further information being accessed,” the company said in a statement.
The retailer has informed the Office of the Australian Information Commissioner and the federal police about the breach.
It has also engaged unnamed “leading IT forensic investigators” to look into how the attackers were able to infiltrate the product ordering system.
Kmart declined to comment.
The company this month created a dedicated executive role for online, and is currently recruiting for the head of online trading and customer experience.
The role reports into the general manager of multichannel and is responsible for Kmart’s digital commerce channels, with a focus on online merchandising, site and content management, analytics, online marketing and digital platform optimisation.
The federal government has previously pledged to introduce legislation for mandatory data breach reporting – a recommendation of a parliamentary joint committee – before the end of the year.
[…] Kmart Australia suffers a data breach, customer information stolen […]