Cyber Incident Information

Important Update on Cyber Incident

On 1 October, digiDirect became aware of a cyber incident involving the theft of personal information, which has allegedly impacted 304,000 online customers.

 

What Information Was Accessed?

While investigations are ongoing, early results show the information accessed is consistent with the Australian Government Information Commissioner's definition of “personal information”. It does not include “sensitive information” or “credit information”; it consists of names, email addresses, phone numbers and delivery addresses, where available.

 

Actions Taken

As soon as we became aware of this, we engaged our cybersecurity experts and ecommerce service providers to work with our in-house engineers and address this compromise swiftly. We have confirmed that the attackers no longer have access to the affected system.

Additionally, we have informed the relevant authorities, including the Australian Information Commissioner and the Australian Cyber Security Centre, who are collaborating with us to investigate the breach.

 

Next Steps

In line with our commitment from when this incident was first reported, digiDirect will continue to see through the investigation in full coordination and compliance with authorities. In the meantime, digiDirect’s customer service team will respond to all incoming enquiries from customers who have been notified through their personal email service or security providers that they were impacted by the breach.

Also, while the aforementioned investigation is ongoing, digiDirect will notify the subjects of the breach as it confirms the identities of any of those who have been compromised to the extent it causes serious harm. These notifications will be sent as emails in regular batches.

 

Recommended Steps for Customers

Although no immediate action is required on your part, our cybersecurity experts advise you to consider the following precautions and recommend customers always remain vigilant and monitor for suspicious activity. 

 

Change Your Passwords: Update passwords for any accounts where you may have used the same password.

Use Strong, Unique Passwords: Ensure each of your accounts has a strong and unique password.

 

We take the security of your data very seriously and are committed to enhancing our cybersecurity measures. We apologise for any concern this incident may cause and appreciate your understanding as we navigate this situation.

If you have any questions or require further assistance, please feel free to contact our customer service team at cyberbreach@digidirect.com.au .

Thank you for your continued trust in digiDirect.