What happened
In September 2023 Dymocks Booksellers disclosed a breach affecting around 836,000 customer records โ names, dates of birth, email and postal addresses and membership details โ after customer data appeared on the dark web [bleeping-dymocks]. The breach is understood to have originated with a third-party provider.
Timeline
- 2023-06 โ Unauthorised access believed to have occurred [bleeping-dymocks].
- 2023-09 โ Dymocks disclosed the breach; ~836,000 customers affected [bleeping-dymocks].
Current status
Disclosed; customers notified. A class-action investigation was reported. Figures are as reported. [bleeping-dymocks]
Why it matters
A large consumer-retail breach reached through a third party โ the loyalty database, not the storefront, was the target.