{"id":449,"date":"2024-10-01T12:03:51","date_gmt":"2024-10-01T12:03:51","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=449"},"modified":"2024-10-01T12:03:51","modified_gmt":"2024-10-01T12:03:51","slug":"data-of-300k-digidirect-customers-leaked-in-alleged-attack","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=449","title":{"rendered":"Data of 300k digiDirect customers leaked in alleged attack"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>One of Australia\u2019s leading retailers of consumer electronics, digiDirect, is allegedly facing theft of data belonging to over 300k customers from a cybersecurity breach.<\/p>\n<p>On Sunday, a threat actor using the alias \u201cTanaka\u201d <a href=\"https:\/\/x.com\/DailyDarkWeb\/status\/1840708419587895609\/photo\/1\" target=\"_blank\" rel=\"noopener\">posted<\/a> on the dark web, saying the e-tailer had been breached and that they had data belonging to 304,000 customers. Tanaka also added a sample of the stolen data in the post for confirmation.<\/p>\n<p>In their post, Tanaka attributed the attack to another threat actor \u201cChucky\u201d, a hacker recently attributed to an ongoing <a href=\"https:\/\/www.csoonline.com\/article\/3536783\/hacker-selling-dell-employees-data-after-a-second-alleged-data-breach.html\" target=\"_blank\" rel=\"noopener\">Dell data breach<\/a>. \u201cvery thanks to Chucky,\u201d Tanaka wrote in the post.<\/p>\n<h2 class=\"wp-block-heading\">Sensitive customer data compromised<\/h2>\n<p>In the BreachForum post, the threat actor claimed stolen data consists of customers\u2019 sensitive personal information, including full names, email addresses, phone numbers, company details, zip codes, street addresses, country and state information, and date of birth.<\/p>\n<p>Additionally, the post added, sensitive billing details including billing and shipping address, billing \u201cfirst\u201d and \u201clast\u201d names, and the AIPP verification status, were also a part of the dump.<\/p>\n<p>Victims of such personal information theft can face cyber threats including identity theft, phishing, targeted spear phishing, and account takeover (ATO) attacks. Compromised billing details can be used in fraudulent purchases, synthetic identity thefts, and shipping frauds.<\/p>\n<p>digiDirect has yet to respond to these allegations.<\/p>\n<h2 class=\"wp-block-heading\">Cybercrime in Australia<\/h2>\n<p>Australia has had quite a busy year in terms of breaches and attacks. Among the widely reported are the <a href=\"https:\/\/www.csoonline.com\/article\/2132344\/cybercrime-group-claims-to-have-stolen-data-on-560-million-ticketmaster-users.html\" target=\"_blank\" rel=\"noopener\">TicketMaster<\/a> breach, <a href=\"https:\/\/www.csoonline.com\/article\/3475832\/data-of-13-million-medisecure-customers-compromised-in-ransomware-attack.html\" target=\"_blank\" rel=\"noopener\">MediSecure<\/a> ransomware attack, and <a href=\"https:\/\/www.theregister.com\/2024\/03\/14\/nissan_oceania_100k_affected\/\" target=\"_blank\" rel=\"noopener\">Nissan Oceania<\/a> hack.<\/p>\n<p>On Monday, a threat actor using the alias \u201c0xy0um0m\u201d <a href=\"https:\/\/x.com\/cyberfeeddigest\/status\/1840987445913141434\/photo\/1\" target=\"_blank\" rel=\"noopener\">claimed<\/a> hacking the Australian non-banking, financial services provider, Fifo Capital, alleging a 60GB dump consisting of mailing, invoice, and profile data of customers.<\/p>\n<p>In other big events, the Australian Federal Police (AFP) <a href=\"https:\/\/www.csoonline.com\/article\/3529140\/australian-cops-bust-underworld-app-through-compromised-software-updates.html\" target=\"_blank\" rel=\"noopener\">dismantled a global criminal platform<\/a>, Ghost, and charged an Australian-based person of being an alleged mastermind and administrator of the App.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>One of Australia\u2019s leading retailers of consumer electronics, digiDirect, is allegedly facing theft of data belonging to over 300k customers from a cybersecurity breach. On Sunday, a threat actor using the alias \u201cTanaka\u201d posted on the dark web, saying the e-tailer had been breached and that they had data belonging to 304,000 customers. Tanaka also [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":450,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-449","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/449"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=449"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/449\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/450"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=449"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=449"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=449"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}