Heimdal
article featured image

Contents:

Australian retail marketplace, MyDeal, announced a data breach on Friday, 14 October 2022.

The threat actor managed to exfiltrate data connected to 2.2M customers and later tried to sell the data online.

MyDeal is a Woolworths subsidiary, the retail giant purchasing 80% of the company this September, but the incident did not affect Woolworths as its systems are on an entirely distinct platform.

Details about the Data Breach

The hacker managed to breach MyDeal’s Customer Relationship Management (CRM) system using compromised user credentials. This gave the intruder access to customer information, according to BleepingComputer.

2.2M users were impacted by the data breach, with 1.2M of them having only the email address exposed.

Other information exfiltrated by the cybercriminals are:

  • User names
  • Email addresses
  • Phone numbers
  • Delivery addresses
  • Birth dates (in some cases)

MyDeal assured that other sensitive information like payment information, government IDs, or account passwords are safe.

Affected customers are receiving notifications about the data breach from the company.

Stolen MyDeal Data is Sold on a Hacking Group

On Sunday, 16 October 2022, the stolen data was for sale on a hacking group, valued at $600.

Threat actor argues that the data currently contains one million entries, but that as they finish analyzing the database, the number of exposed MyDeal customers will grow.

As proof of their attack, the threat actor released screenshots of what they claim are the company’s Confluence server and a single-sign-on prompt for the company’s AWS account.

Source

On Monday, 17 October 2022, samples of stolen data were released revealing 286 presumed customers’ personal information.

MyDeal Announces Stolen Data from a Recent Data Breach

Source

Although MyDeal assured that no passwords were exposed in the data breach, users are advised to reset account credentials just to be safe.

Also, all customers should watch out for phishing attacks, as stolen data are commonly used by cybercriminals on phishing campaigns.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Author Profile

Andreea Chebac

Digital Content Creator

Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE