Maksim Kabakou - Fotolia

David Jones online customers hit by data breach

Hackers have accessed the personal details of an unknown number of David Jones online customers, but the retailer says payment details and passwords are not affected

Australia-based David Jones has revealed that personal details of online customers have been accessed by hackers, making it the latest retailer to be hit by a data breach.

According to the retailer, unauthorised access involved names, email addresses, mailing addresses and order details of online customers, but the company has given no indication of how many people are affected.

David Jones said no credit card details or passwords were compromised and all affected customers have been notified by email.

“If customers have not received a message from David Jones regarding this situation, they have not been impacted,” the retailer said.

Just like the string of other retailers who have been hacked in recent months, David Jones said in a statement that it takes customers’ privacy “very seriously”.

In an email to customers, David Jones said it had recently learned that a third party exploited a vulnerability in its website, reports ABC News.

“As soon as we learnt of the unauthorised access, we moved swiftly to prevent any further incident, working closely with our internet platform provider IBM,” the retailer said in a statement.

The company said it is also working with the Australian Federal Police and cyber security experts to identify those behind the breach.

David Jones said it did not store any customer financial information on its website and there is no indication that any of the information accessed is being misused.

However, the retailer has advised customers not to provide financial information or credit card details by phone or email because of potential scams using the stolen data.  

The David Jones breach is the second in a week affecting a large retailer, coming just days after Kmart Australia revealed that details of its online customers had been breached in an “external privacy breach” of its product order system.

Similar to David Jones, Kmart said no credit card or other payment details were compromised in the breach.

“This breach only impacts a selection of customers who have shopped online with Kmart Australia. If customers have not received a message from Kmart Australia regarding this situation, they have not been affected,” the retailer said.

Read more about retailer breaches

  • Carphone Warehouse confirms the authorities have been notified about the breach, and urges customers to take steps to protect themselves.
  • The Information Commissioner’s Office (ICO) reprimands shoe retailer Office after a hacker exposed more than a million customers’ personal data.
  • European data breaches in retail and other sectors are largely hidden due to a lack of breach disclosure laws.

Read more on Privacy and data protection

Data Center
Data Management