Big W staffer gave out confidential data with printer repair

By

Accidentally handed to customer in bundle of test prints.

Big W suffered a privacy breach earlier this year when it accidentally added a confidential printout to a pile of test documents whilst trying to prove a customer's printer issue had been fixed.

Big W staffer gave out confidential data with printer repair

The breach is contained in a cache of notifications made by Woolworths to the Office of the Australian Information Commissioner (OAIC) that was published yesterday. [pdf]

The cache includes two notifications for 2018, including one previously reported incident where scammers used compromised or stolen login credentials to fleece customers of loyalty points.

However, it also contains a second notification for an incident at Big W where a printed document containing identity and contact information of 32 people was accidentally given to a customer.

File notes recorded by the OAIC state that “a customer came to Big W to get their printer fixed, and when it was, had some test documents printed to verify [the] issue had been fixed. Staff member enclosed some other documents with the customer’s documents.”

The internal document contained “information regarding Big W’s business processes and identity and role of individuals involved”.

Big W said the breach occurred on April 30 and was discovered on May 2. Those impacted by it were alerted on June 2.

The company said it had been unable to get the printed hard copy back because "the customer was not willing to engage with Big W further".

Big W said it had taken steps to prevent a recurrence.

“Big W has engaged in a review of our in-store processes and immediately disabled the print functionality associated with the [confidential] document,” it said.

“In addition, staff training and a reassessment of our data collection and storage processes is being undertaken.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?