Written: by Australian Cyber Security Magazine Staff Writer.
Australia’s biggest chain of bookshops, Dymocks, has revised upwards the number of customers affected by a cyber attack in early September. Late last week, the retailer emailed customers saying an additional 400,000 customers are impacted.
“While our investigation is ongoing, it has been confirmed that 1.24 million customer contact records were stolen and made available on the dark web,” the September 15 email reads. “The information in the contact records is limited to contact information such as name, address, phone, email, membership details, and date of birth.”
A week earlier, when advising of the attack, Dymocks said the number of customers affected was approximately 836,000. Dymocks operates 65 stores around Australia and also has a sizeable online presence. The book chain actively encourages customers to join its rewards program when buying books in physical stores and online. The sign-up process collects information such as email addresses, mobile phone numbers and dates of birth.
Dymocks says collecting date of birth information allows them to send a gift or discount voucher on or around the customer’s birthday. The sign-up process does not require information like residential addresses or credit card details.