That's today's data breach: Vinomofo
We can't even drink wine in peace anymore…
Email received today:
I am writing to provide you with some important information about a recent cyber security incident at Vinomofo.
Vinomofo experienced a cyber security incident where an unauthorised third party unlawfully accessed our database on a testing platform that is not linked to our live Vinomofo website.
We immediately engaged leading cyber security and forensic specialists (including IDCARE, Australia’s national identity and cyber support service) to investigate the claim and took steps to further secure our IT environment and strengthen our systems.
We also reported the matter to the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC).
Our investigation established that customers’ and members’ information on our database on this testing platform was unlawfully accessed by a third party. However, our cyber security and forensic specialists have assessed that the risk to our customers and members by this information being accessed is low.
Vinomofo does not hold identity or financial data such as passports, drivers’ licences or credit cards/bank details.
While no passwords, identity documents or financial information were accessed, the database includes other information about customers and members.
The information about you that was contained in the database that may have been accessed may include name, gender, date of birth, address, email address and phone number.
Working with our IT experts, we have taken steps to further bolster the security of our technology systems to help prevent any similar incidents happening again.
We are contacting you directly so you can take simple, precautionary steps to protect your information and avoid any potential scams.
We advise that you remain alert to any increased scam activity – especially email, SMS or telephone phishing scams – with fraudulent communications disguised to look like they come from an organisation you trust.
We recommend that you:
Remember that good organisations do not contact you and ask you to “prove” who you are. If someone calls you unexpectedly claiming to be from an organisation, consider hanging up and calling them back on a known and trusted number.
Look out for contact from scammers who may have your personal information. This may include suspicious emails, texts, phone calls or messages on social media. Protect yourself from scams. Never click on any links that look suspicious and never provide your passwords, or any personal or financial information. It is good practice to have up-to-date anti-virus software installed on any device you use to access your emails. Scamwatch also provides helpful guidance on how to spot a scam.
Consider changing your email account passwords. Make sure you use strong passwords that you do not use for other accounts. Enabling multi-factor authentication is a good idea where possible.While your Vinomofo account password is still safe to use, it’s a good idea to regularly change your password. You may wish to update your password as a precautionary measure.
You can find further information about online safety, cyber security and helpful tips to protect yourself at the Australian Cyber Security Centre or the ACCC’s Scamwatch website.
If you have any outstanding concerns, we have partnered with IDCARE to provide specialist case management support. IDCARE’s service are at no cost to you. Their expert case managers can be booked online at a time that suits you during business hours (9am to 6pm AEDT). If you wish to engage IDCARE, please complete a Get Help form for individuals at idcare.org or contact 1800 595 160, quoting reference VMF22.
We take the privacy and the protection of customer information very seriously and I apologise for any concern or inconvenience the incident has caused.
We have taken this matter very seriously and we understand you may want to know more. You can access more information on our website at: www.vinomofo.com/cyber-incident-faqs/
If you have any questions, please contact [email protected].
Yours sincerely,
Paul Edginton
Vinomofo CEO
vinomofo. oh no.