Australian Book Retailer Dymocks Discloses Data Breach

Dymocks, a prominent Australian book retailer, recently revealed a data breach affecting potentially 836,000 accounts. The company notified customers, acknowledging their awareness of the cybersecurity incident since September 6. While Dymocks did not specify the scale of the breach, Have I Been Pwned (HIBP) reported that approximately 1.2 million customer records and 836,120 unique email addresses were compromised. HIBP indicated that the breach occurred on June 20, contrary to Dymocks' initial awareness date. The stolen data encompassed customer information, including date of birth, postal address, email address, mobile number, gender, and membership details such as gold expiry date, account status, member creation date, and card ranking. While investigating the incident, Dymocks discovered evidence of discussions regarding customer records being available on the dark web. They have advised their customers to remain vigilant in monitoring for potential phishing or scam attempts utilising the stolen data. We strongly encourage clients who do not currently have a privacy policy and a data breach plan to reach out to us immediately. Companies may receive fines of up to $50 million for not complying with the privacy laws. Your data security is our priority, and our experts are here to assist you in safeguarding your business and customer information.   Written by Tyrone Walker, Special Counsel at Hunt & Hunt Lawyers.