Australian e-tailer digiDirect customers' info allegedly stolen and dumped online
Full names, contact details, and company info – all the fixings for a phishing holiday
Data allegedly belonging to more than 304,000 customers of Australian camera and tech e-tailer digiDirect has been leaked to an online cyber crime forum.
digiDirect, a prominent Australian consumer electronics retailers, did not immediately respond to The Register's inquiries. We will update this story if and when we hear back.
According to a BreachForums post, a crook who goes by “Tanaka” allegedly swiped a database containing customers' full names, email addresses, phone numbers, billing and shipping addresses, and company names.
The criminal also posted a sample of the stolen data – which has not been verified by The Register - and issued an apparent shoutout to another cyber crook – "very thanks to Chucky" – who may or may not have also been involved in the digital break-in, if it indeed happened.
- Coding error in forgotten API blamed for massive data breach
- Miscreants claim they've snatched 560M people's info from Ticketmaster
- Aussie cops probe MediSecure's 'large-scale ransomware data breach'
- A million Australian pubgoers wake up to find personal info listed on leak site
There has been no word yet from digiDirect, nor from the Office of the Australian Information Commissioner or the Oz Federal Police as to whether they have received a breach report from the electronics shop, or if they are investigating. The Register has asked both government agencies for comment.
Still, anyone who has recently purchased electronics from the shop would be wise to keep an eye on their digital identity and bank accounts to ensure that fraudsters aren't using personal and financial information for shopping sprees or other nefarious purposes.
In 2021, digiDirect was fined AU$39,240 ($27,100) by the Australian Competition and Consumer Commission for allegedly misleading consumers about "storewide" sales, which the consumer protection watchdog claimed weren't really storewide at all.
The breach, if the report turns out to be true, follows a rough several months for Australians. Their sensitive info has been stolen – and then posted online – from Ticketmaster, prescriptions provider MediSecure, and Nissan Oceania, among others.
Crikey. ®