Dis-Chem announces data breach that affects 3.68 million customers
Dis-Chem has announced that an unauthorised person or party has accessed the personal information of data subjects through one of its third-party service providers on or about 28 April.
The JSE-listed retail pharmacy noted in a statement that it has contracted with a third-party service provider and operator for certain managed services.
“In these circumstances, the operator developed a database for Dis-Chem which contained certain categories of personal information necessary for the services offered by Dis-Chem.
“It was brought to our attention on 1 May 2022, that an unauthorised party had managed to gain access to the contents of the database. Upon being made aware of the incident, we immediately commenced an investigation into the matter and to ensure that the appropriate steps were taken to prevent any further incidents,” Dis-Chem said.
It said the operator has deployed additional safeguards to ensure the security of the information on the database.
A total of 3,687,881 data subjects have been affected. The following personal information was accessed –
-
first name and surname;
-
email address; and
-
cell phone number.
“The unauthorised party may use the information to commit further criminal activities, such as phishing attacks, email compromises, social engineering and/or impersonation attempts,” said Dis-Chem.
“Whilst investigations into the incident are still ongoing, the operator has confirmed it has deployed additional safeguards in order to ensure protection and security of information on the database. These safeguards include but are not limited to, enhanced access management protocols to the database.
“We are not aware of any actual misuse or publication of personal information from the personal information that may been acquired. We are however continuing, with the assistance of external specialists, to undertake web monitoring (including the dark web) for any publication of personal information relating to the incident,” Dis-Chem said.
Written by: Staff Writer.
Guzzle Media