Nearly 40,000 Aussie tradies at risk after major data leak at hardware chain
Hardware chain Total Tools has suffered a major data leak that is believed to have affected 38,000 tradies, with credit card numbers, email addresses and other log-in details compromised.
The leak is believed to have been perpetrated by professional cyber hackers, with Total Tools parent company Metcash discovering the issue earlier this week.
Total Tools contacted some of their customers to notify them of the leak with recommendations of how they can keep their sensitive information safe.
Sign up to The Nightly's newsletters.
Get the first look at the digital newspaper, curated daily stories and breaking headlines delivered to your inbox.
By continuing you agree to our Terms and Privacy Policy.Speaking to The Australian on Thursday, Total Tools chief executive Richard Murray confirmed the incident but said he believed the cause of the leak has been fixed.
“The cyber incident has illegally compromised certain personal information, however Total Tools is confident that the cause of this incident has been removed from its website,” Mr Murray said.
“The data that has been illegally compromised includes customer name, email address, Total Tools password, mobile number, shipping address, and credit card details of customers who shopped or registered on our website recently.”
Murray said the company was continuing to work with a forensic and cybersecurity expert.
“Total Tools’ communications to impacted customers recommended precautions they can take to lower the risk of their information being potentially misused,” he added.
“In addition to contacting impacted customers, Total Tools has also implemented several additional cybersecurity measures to minimise the likelihood of this occurring again.”
Murray finished by saying they are dedicated to supporting “customers throughout the process” to allow their customers to “shop with confidence” at the chain.
On Thursday, the Total Tools website was temporary shut down due to an error updating prices on the website, and isn’t believed to be related to the cyber attack.
Australia has recorded its highest number of data breaches in almost four years, according to a new report released just days ago.
In the six months to June 2024, there was a nine per cent spike in breaches reported to the Office of the Australian Information Commissioner (OAIC), which said that current safety and security measures were not enough.
There were 527 data breaches between January and June this year, the Notifiable Data Breaches Report found, and the OAIC said: “This is the highest number of notifications since July to December 2020.”
Originally published on Sunrise