14 DAY TRIAL // Neoflam Australia, a company selling scratch resistant and environmentally friendly cookware, accidentally made available their entire database of warranty records with data spanning from 2010 to 2015, as discovered by The New Daily's Rachel Eddie.
According to Eddie's report, the leaked database exposed the full name, phone number, home address, e-mail, gender, age or age bracket, and the item purchased of company customers.
The web page accidentally published by the company which exposed all their clients' warranty info between 2010 and 2015 contained data from 7500 transactions.
"The New Daily spoke to a Neoflam Australia spokesperson shortly after midday on Monday but did not receive a response to questions by deadline," said Eddie. "Follow-up queries by phone and email were not answered."
However, although not receiving any answer from the company when trying to report the data leak, the company did take down the web page containing the warranty info database two hours later.
Private information of more than 7500 customers was exposed in Neoflam Australia's data leak incident
Furthermore, Eddie was also "able to download a spreadsheet detailing the company’s wholesale prices, store mark-ups and sale plans. There were also dozens of pages of marketing imagery."
At the moment, there is no indication of the exact amount of time the private info of the 7500 Neoflam Australia customers was publicly available on the web.
Although the company took down web page exposing private client information, they did not make the data leak incident public anywhere on the website or sent any notification to affected customers.
Neoflam Australia will have to disclose the event seeing that on February 22, 2018, the Notifiable Data Breaches Scheme was introduced when Australia’s Privacy Amendment Act 2017 came into effect.
"Entities have data breach notification obligations when a data breach is likely to result in serious harm to any individuals whose personal information is involved in the breach," says the Notifiable Data Breaches scheme.
