STE WILLIAMS

A data breach at Perth Mint first thought to have affected 13 customers turned out to be more widespread, with more than 3,000 customers breached.

Vulture South ignored the story when it broke, because of the small scale of what was reported. Last week, the Australian Broadcasting Corporation reported a small-scale breach affecting users of the mint’s online repository.

The WA-governmnt-owned Perth Mint is Australia’s bullion mint, and its repository is the customers buy-and-sell trading platform for precious metals.

The organisation launched an investigation into the original breach, and as part of that, CEO Richard Hayes yesterday announced the breach involved 3,200 customers.

Hayes’ announcement stated: “As previously advised, ongoing forensic investigations continue and we were made aware of this development over the weekend. We have moved quickly to contact the affected Depository Online customers in order to protect their interests.“

Hayes attributed the breach to a third party provider, and said the mint’s internal systems have not been compromised.

Affected customers had their personal information breached, the mint said, but “we have again assured our customers that their investments are unaffected and remain safe and secure”.

The mint also said it believes it’s now identified the full scope of the breach, with Hayes saying he was “confident that no data belonging to any other investors or customers had been accessed”.

The Office of the Australian Information Commissioner, Western Australian Police, and the Australian Federal Police have been notified.

A user has told Vulture South that users’ entire profiles leaked, and that the mint is advising those affected to look for suspect transactions in their bank accounts. We have asked the mint for confirmation. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2018/09/18/perth_mint_leaks_13_accounts_in_data_breach_no_make_that_3200/