Cygnett Hacked, NAB Audit, Retailers Warned
Retailers and distributors who trade with Cygnett have been warned of a major data breach involving the NAB Bank with partners told to change their bank passwords.
In a letter sent to retailers Laura Conti Finance Manager at Cygnett said that ‘On 6 Sept 2018 – 8:51am AEST the email account of one of our employees was fraudulently accessed by an unauthorised external third party.
An email titled ‘You have received a secured file via SharePoint’ was circulated to the employee’s address book. This email contained malware, which could be installed on the device of the addressee if the link was followed.
The following day, 7 Sept 2018 – 8:39am AEST a second unauthorised access of our IT system took place, from a different employee’s email account. This was followed by an unauthorised access of our NAB Bank Account.
Since the event took place Cygnett has called for a full audit of their NAB bank account to ensure that no BSB or account numbers have been accessed.
NAB have advised that the audit will take between 5-10 business days to complete.
Conti said ” We are treating this matter seriously and will provide updates as new information becomes available”
“We are required by the office of the Australian Information Commissioner to inform you that your bank BSB and Account Number may have been viewed by this third party. We suggest that you change your bank password and be alert for any suspicious transactions”
We also take this opportunity to remind you that Cygnett does not & will not contact you via email to request financial information including bank account and credit card details.
“Accordingly, if you receive a suspicious email from a sender purporting to be us, please advise us immediately”.