Electronics retailer digiDirect customer data breached, leaked on dark web

One of Australia’s leading consumer electronics retailers, digiDirect, is reportedly hit by a data breach affecting over 300,000 customers.

On Sunday 29th of September, a cybercriminal using the alias “Tanaka” posted on a dark web forum, claiming to have stolen data from digiDirect and provided a sample to confirm the breach. The post revealed that 304,000 customers’ sensitive personal and billing information had been compromised.

The stolen data includes:

• Full names
• Email addresses
• Phone numbers
• Company details
• Zip codes
• Street addresses
• Country and state information
• Dates of birth
• Billing and shipping addresses
• Billing first and last names
• AIPP verification status (Australian Privacy Principles-related details)

In the post, Tanaka credited another hacker known as “Chucky” for the attack. Chucky is also linked to an ongoing Dell data breach.

As of now, digiDirect has not yet responded to the allegations or confirmed the breach. The nature of the attack is not disclosed.