Online wine seller Vinomofo suffers major data breach

Online wine seller Vinomofo has disclosed a major data breach in which an intruder accessed customers’ personal information including names, dates of birth, addresses and contact details.

In a statement posted online, Vinomofo said the intruder accessed a database on a testing platform that was not linked to its primary website. It nonetheless contained real customer information.

Online wine seller Vinomofo has suffered a major hack after real customer information was included on a test platform.

In emails to customers seen by The Sydney Morning Herald and The Age, Vinomofo said it had secured its systems, engaged a cybersecurity firm to investigate and claimed the risk to customers from the exposure of their information was “low”.

“Vinomofo does not hold identity or financial data such as passports, drivers’ licences or credit cards/bank details,” it said in its online statement. “While the investigation established no passwords, identity documents or financial information were accessed, the database includes other information about customers and members.”

It said names, addresses, emails, gender, phone numbers and dates of birth may have been accessed.

Vinomofo’s online statement does not say when it discovered the breach, which it said occurred “recently”, and declines to reveal the total number of people in the hack for “privacy” and anti-scam reasons.

The Vinomofo hack disclosure is the latest in the string of online data breaches, most prominently at the telecommunications giant Optus, that have heightened public interest in companies’ cybersecurity and data collection practices.

Vinomofo said it had data on customers who had purchased from its online store in accordance with its privacy, allowed customers to request their data be deleted and had notified authorities. It is investigating whether any customer data has been published online.

Customers should be vigilant for scams and do not need to replace any identity documents, Venomofo advised in its online statement.

The federal government has flagged tougher fines for companies that fail to properly safeguard Australians’ data, which are currently capped at $2.2 million per offence for even the most serious or repeated breaches.

The Resolve Political Monitor, which is exclusive to The Age and The Sydney Morning Herald, has found such a measure to be popular, with 59 per cent of survey respondents in favour of penalties worth many millions of dollars.

Vinomofo has been contacted for comment.

More to come

The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.

Most Viewed in Technology

From our partners

Source: Read Full Article