Aussie companies hit by hackers as PM blasts ‘scourge’
UPDATE: Binge denies it was one of the companies caught up in the breach: “No credit card details have been compromised”
Thousands of Australian customers of major businesses including BINGE, Event Cinemas, Dan Murphy’s, and Guzman Y Gomez have been targeted in a coordinated cyber attack.
Unlike recent hacks on Medibank and Optus, this latest attack involved a method known as ‘credential stuffing’, where cyber criminals use previously stolen passwords and attempt to use them elsewhere. In this case, hackers were able to access online user accounts for the aforementioned businesses and ring up purchases.
This tactic was used earlier this month on customers of THE ICONIC.
The coordinated cyber attack, believed to have impacted around 15,000 customers, has raised the ire of the PM, with Anthony Albanese calling the raid a “scourge”.
“This is a scourge and there are so many vulnerable people being ripped off who’ve acted in absolutely good faith and we need to make sure they are protected,” Albanese said this morning.
Cybersecurity Minister Clare O’Neil said of the breach: “Cybersecurity is a shared responsibility of us all. It is vital that Australians and Australian businesses are alert to the threat of credential stuffing.
“Consumers who are concerned about being caught in these attacks should take the usual precautions of using strong and unique passphrases for different accounts and enabling multifactor authentication where possible.”
Setting up two-step verification is also a solution to such credential stuffing attacks.
“Having an extra step can be inconvenient at first, but remember that taking shortcuts leaves your system more vulnerable,” the Australian Cyber Security Centre notes on its website.
“You are better off spending a few seconds entering a one-time code now, to avoid spending hours later on trying to regain access to your accounts and dealing with the consequences of your data being stolen.”
Mumbrella has contacted BINGE and Event Cinemas for comment.
My Partner flagged this in November with GYG, as was getting some time multiple orders a day and was told it was a you problem. HA. not so much of a You problem now is it GYG!