HQ/EMEAFind out how we can help your business
Dymocks Booksellers, one of the largest bookstore chains worldwide, has recently suffered a data breach incident.
The affected entity notified over 800,000 customers who could have suffered from the attack and faced personal information leakage. The breach allegedly occurred earlier this month after researchers came across sample data of Dymocks customer data circulating on some hacking forums. The company has yet to find evidence of direct penetration into its systems. However, they still investigated the incident, focusing on potential security vulnerabilities among its third-party partners.
The breach’s true nature and scope remain a mystery, which leaves the company and its clients concerned.
Dymocks Booksellers confirmed the customer details exposed during the breach.
Dymocks Booksellers revealed that the compromised data during the breach included personal information, such as names, dates of birth, email addresses, postal addresses, gender, and membership details, like gold expiry dates, account statuses, creation dates and card rankings.
The company also assured its customers that the breach did not acquire any financial information since they do not store such data. Unfortunately, the breach’s impact is still massive since the attack compromised and leaked millions of user records owned by 836,120 unique Dymocks accounts.
Dymocks also claimed they contacted all relevant law enforcement agencies and started a comprehensive investigation while fortifying their security protocols to avoid similar incidents.
On the other hand, the company advises its users to change their account passwords as a mitigation tactic for possible account takeovers despite no indication of passwords exposed during the breach.
Customers who use identical passwords across multiple platforms should also change those to avoid hackers that would exploit the stolen credentials.
Impacted customers should remain vigilant for unwanted communications since other threat actors could have acquired the stolen data and executed their phishing campaigns. Cybercriminals may attempt to exploit these details by deceptive emails equipped with social engineering tactics to request financial information, such as credit card details or other data.
This incident reminds every one of the importance of solid security measures since the cybercriminal landscape continues to breed more threat actors that execute numerous cyberattacks.
