The Good Guys Data Leak via My Rewards Pty Ltd

Jimothy Wongingtons on 23/02/2023 - 11:47
Last edited 23/02/2023 - 12:29 by 2 other users

Got a text this morning from Good Guys (same text thread as I get advertisements/concierge credit on) about a new data leak - doesn't really say anything about how wide spread it is, and doesn't really commit to whether or not data was accessed just says 'may'.

The Good Guys has been notified of a data breach at My Rewards Pty Ltd, a former 3rd party provider for the Concierge program. Your name, address, & phone number may have been accessed (No ID docs or payment details). Visit our online Help Centre for full info and use REF xx-xxxxxx

I'm personally so unphased by all the data leaks now as there were so many other high profile leaks out there but wondering now is it because there's been so many other serious leaks (Eg Optus) that now companies just dont really care anymore, other than announcing it to affected customers and moving on? And do you also care anymore about (potentially minor) data leaks?

For users impacted by this data breach, please go to https://www.thegoodguys.com.au/updates for more information on how to get help.

The Good Guys has been notified that the IT systems of a former third-party supplier, Pegasus Group Australia Pty Ltd, now known as My Rewards Pty Ltd, have been improperly accessed by an unauthorised user.

The Good Guys can confirm that its own IT systems were not involved in this incident.

The Good Guys is directly contacting Concierge members who may have been impacted by the My Rewards data breach. The nature of the specific information involved for each affected individual is set out in the communication that the individual receives from The Good Guys.

Poll Options

  • 49
    Yes I care about minor data leaks
  • 5
    No I dont care about minor data leaks
General Discussion

Related Stores

My Rewards International
My Rewards International
The Good Guys
The Good Guys

Comments

  • Clear on 23/02/2023 - 11:51
    +4

    Years ago when companies weren't required to disclose breaches there were so many high profile ones. It really isn't anything new.

    • Iluvfreebies on 23/02/2023 - 12:00
      +9

      That does not make it "ok"

      • Clear on 23/02/2023 - 13:25

        That does not make it "ok"

        Never said it was ok. Which dumbarse around here thinks it is?

        Rather I'm saying people would be shocked how many other big companies had these breaches before they were required to disclose by law.

        • Iluvfreebies on 23/02/2023 - 13:43

          It really isn't anything new.

          The way you said this makes it sounds that it is nothing to worry about and it happens all the time.
          We shouldn't take lightly every breach that occurs. Someone might lose all their life savings. You should check out Jim Browning youtube channel if you are unsure how this stolen data is being used.
          https://www.youtube.com/@JimBrowning

          • Clear on 23/02/2023 - 13:53

            @Iluvfreebies: Major breaches aren't something new. Rather the last few years they must be disclosed by law while in the past they did not. So my point is that they're not just suddenly happening.

            I was doing cybersecurity audits on breached pharmaceutical and healthcare companies 10 years ago when it wasn't and the amount of customer data accessed was significant. They had the option to disclose and naturally they didn't.

        • outlander on 23/02/2023 - 14:03

          Never said it was ok. Which dumbarse around here thinks it is?

          That is the natural inference to take from the phrasing you used. IE it happens all the time, it's nothing special, so why make a big deal out of it?

          • Clear on 23/02/2023 - 14:17

            @outlander: Many people are wondering why breaches are happening all the time now. Also from OP

            I'm personally so unphased by all the data leaks now as there were so many other high profile leaks out there

            • outlander on 23/02/2023 - 15:13
              +1

              @Clear: Indeed, there's a lag between the info being released and industries spinning up to use it maliciously on a large scale, so we aren't seeing the immediate pain from it. Because of that I think many people are confused about how to feel. But they will get pissed off when they find out Grandma got scammed out of her retirement savings, and the thieves used data from breaches like this to impersonate them to do it

              I personally see it as a big threat, but I have so many things going on in my life that I'm not sure how best to protect myself against it or how much time and effort to devote to it. Like most people I suppose.

        • Sinnerator on 24/02/2023 - 08:38

          How many people here simply don't care about data security, that's how many dumbarses. A lot.

          • Clear on 24/02/2023 - 09:13

            @Sinnerator: Yes I was recently told that passwords were old fashioned and slow :/

    • scotty on 23/02/2023 - 12:17
      +2

      TGG is part of JB Hi-Fi which is a listed company so pretty obvious have to disclose this kind of breach.

      Pegasus Australia is now My Rewards which also went IPO on ASX last year, and it appears that it's not their first time either having data breach.

      • Clear on 23/02/2023 - 13:26

        I wonder if this breach stems from the other breaches they had?

    • treekangagaroo on 23/02/2023 - 16:45

      Yes but options to exploit them were also limited, unlike today

      • Clear on 23/02/2023 - 17:35

        How so? What's different now than 5-10 years ago?

        • treekangagaroo on 23/02/2023 - 19:06

          Look at the stats from few years ago and compare with current years. You will see more money was lost

          https://www.scamwatch.gov.au/scam-statistics?scamid=all&date…

          More online and data in public domains are there than 10 years ago. someone can know and get the identity of a person sitting at there home. Have you heard of dark web where these things are sold by criminals ?

  • askbargain on 23/02/2023 - 11:57
    +1

    https://www.ozbargain.com.au/node/578179

    They use a PayPal loan

    https://www.paypal.com/workingcapital/

    So from all the discounts they have been giving, it's to pay off their loan.

    https://imgur.com/a/f3s4niG

  • donkcat on 23/02/2023 - 13:48
    +7

    TGG never actually send their rewards out so everyone should be safe from the data breach

  • CurlCurl on 23/02/2023 - 16:01

    I've only been pwned once at Deezer late last year. Never belonged to Deezer but a friend always send me song links through Deezer to me. All Deezer had was my email address. I now receive around 15 junk mail a day.

  • pegaxs on 23/02/2023 - 16:54
    +1

    Another day another reward site/program leaking users data… it’s ok, $3 coupon will be incoming so you can all upvote it and forget all about your data being leaked.

  • FLICKIT on 23/02/2023 - 18:53
    +3

    My Rewards believes that the breach is likely to have occurred in August 2021

    and it only took 18 months for them to let us know…

    Pegasus - My rewards was always as dodgy as hell, it wouldn't surprise me if they sold our info and now they've been found out they're claiming it was a "data breach"…

    https://www.ozbargain.com.au/node/578179

    • ALBastru on 23/02/2023 - 20:08

      Thanks to Privacy Act 1988 that’s not a big problem for them.

  • scotty on 24/02/2023 - 09:53
    +3

    Yes according to MRI's public announcement, the breach occurred in August 2021. Why there wasn't any announcement? Maybe something to do with MRI was aiming to do an IPO in February 2022, raising $5m from the public?

Login or Join to leave a comment
Login Join