Bookstore chain Dymocks Booksellers is informing hundreds of thousands of individuals that their personal information might have been stolen in a data breach last week.
The Australian company, which has more than 60 brick-and-mortar stores and an online bookstore, says that it identified the unauthorized access to customer records on September 6, and that it immediately launched an investigation into the incident.
“While our investigation is ongoing and at the early stages, our cybersecurity experts have found evidence of discussions regarding our customer records being available on the dark web,” Dymocks says in a customer notice.
The bookstore chain discovered the data breach after being alerted by a third party and has yet to determine whether the data was stolen from its network or from any third-party provider processing data on its behalf.
“At the moment initial scans of our systems show no sign of penetration and we are working with our third-party partners to understand whether the breach could have occurred in their systems,” the company says.
The investigation, however, determined that the stolen information might have involved names, addresses, birth dates, gender, email addresses, and membership details for Booklovers (Dymocks loyalty program).
Dymocks says that the compromised customer records do not contain customer financial information, as it does not hold or store such data. The company has found no evidence that Booklovers passwords might have been compromised.
The company notes that it has yet to determine which customers might have been affected, as well as the exact number of impacted individuals.
According to data breach notification service Have I Been Pwned, the attackers stole roughly 1.2 million Dymocks records, which contained more than 800,000 unique email addresses, which could indicate the number of affected customers.
The data breach, Have I Been Pwned says, occurred in June 2023, and exposed customer phone numbers as well, along with the information Dymocks has confirmed as being compromised.
Dymocks recommends that its customers change their Booklovers passwords and passwords for other online accounts. The company also warns that the stolen personal information might be used to commit fraud and other types of attacks.
Related: IBM Discloses Data Breach Impacting Janssen Healthcare Platform
Related: 7 Million Users Possibly Impacted by Freecycle Data Breach
Related: Sourcegraph Discloses Data Breach Following Access Token Leak
More from Ionut Arghire
- Generative AI Startup Nexusflow Raises $10.6 Million
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
- Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
- FBI Warns Organizations of Dual Ransomware, Wiper Attacks
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
