Australian furniture retailer Early Settler reports data breach

Early Settler, an Australian furniture retailer, has reported a data breach that has resulted in the exposure of sensitive customer information. The breach was disclosed on August 3 by a hacker using the alias "worry" on a hacking forum, who claimed to have obtained data on 1.1 million customers.

The breach exposed information from an archived database, with data only up to July 2022 being affected. The hacker has listed the data for sale at USD $2,000, and provided a link to a sample that includes loyalty rewards information, customer reference numbers, and survey results, although many fields in the sample data are empty.

The compromised data includes:

• Full names
• Email addresses
• Phone numbers
• Delivery addresses
• Dates of birth

The nature of the attack is not disclosed, and the number of exposed individuals is not confirmed.

Early Settler claims that no payment details, such as credit or bank card information, were compromised, as they do not store such details. However,

The company has informed relevant authorities, including the Office of the Australian Information Commissioner (OAIC), the Australian Cyber Security Centre (ACSC), the New Zealand Office of the Privacy Commissioner (OPC), and CERT NZ.

The company has also reassured customers that no broader system compromise has been detected and that they are implementing sophisticated monitoring systems.