πŸ”’breach.co.nz Β· the NZ & Australia breach register πŸ›‘οΈ A Govern service
Register β€Ί πŸ‡¦πŸ‡Ί AU β€Ί Retail
Retail sector Β· leaderboard
Own the Retail leaderboard
The top banner across the Retail overview and every Retail record β€” one advertiser, exclusively.
Own this leaderboard β†’ breach@govern.co.nz

Total Tools

πŸ‡¦πŸ‡Ί Australia Β· Total Tools Pty Ltd Β· Record AU-2024-0938
β—‹ Reported β€” awaiting official confirmation
Reported β€” awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
38,000 (approx)
Breach date
2024-09
Regulator
ACSC and OAIC notified
Trust tier
B Β· Reported

Data exposed

Names, email addresses, login credentials and credit-card information (per the company) Company-confirmed

Confidence: Confirmed = regulator/court Β· Company-confirmed = the organisation's own disclosure Β· Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In September 2024 the hardware and tools retailer Total Tools disclosed a breach affecting around 38,000 customers, exposing names, email addresses, login credentials and credit-card information [tt-cd], [tt-ct]. Total Tools notified the ACSC and OAIC.

Current status

Disclosed. The ~38,000 figure and the card-data detail come from the company’s own statements [tt-cd], [tt-ct].

Why it matters

Login credentials and card data together give attackers both account takeover and payment fraud β€” a high-harm combination for retail customers.

GGOVERN Tabletop Exercises Β· Govern house Strengthen your cyber resilience β€” rehearse the decisions that matter. Book a Discovery Call β†’