Customers Hit As Woollies Leaks $1m Gift card Data
Fairfax Media said it had received a copy of the e-mail which contained an Excel spreadsheet with the names and e-mail address of thousands of customers and a downloadable link to 7941 vouchers, worth a total of $1.3 million.
According to Fairfax, the spreadsheet was e-mailed to more than 1000 people, all of who could access the gift card codes – and immediately begin shopping.
As a result of the data leak, customers reported they had logged onto the Woolworths site on Saturday only to discover their vouchers had already been spent.
The data breach, which was discovered on Saturday morning, occurred after customers purchased the vouchers from online savings site Groupon, which ran a deal last week offering Big W e-Gift cards, valued at $100 and $200, at a 7.5 per cent discount. The cards were redeemable at Woolworths online and in-store, Big W stores, and Caltex petrol stations.
On Saturday evening, affected customers received an e-mail from Woolworths advising them the gift cards had been cancelled.
Woolworths would not give any details other than a two line statement: “Woolworths takes the concerns of its customers and data security seriously. We experienced a technical fault with an e-voucher offered to customers this week. We are working to resolve the issue and are assisting customers.”