A data breach has impacted about 2.2 million MyDeal customers exposing names, email addresses, phone numbers, delivery addresses and birth dates.
- MyDeal says unauthorised access was gained to its customer relationship management system
- MyDeal says 1.2 million customers have only had their email addresses exposed
- The Woolworths Group says none of its other platforms have been impacted
MyDeal.com.au, which is a subsidiary of the Woolworths Group, said it identified exposed data on Friday after its customer relationship management system was accessed by a compromised user credential.
The Woolworths Group said MyDeal has now contacted all affected customers by email.
It said if you have not received an email, then you have not been affected.
The Woolworths Group said 1.2 million customers involved in the breach had only their email addresses exposed.
It said MyDeal did not store payment, drivers licence or passport details and no customer account passwords or payment details had been compromised.
MyDeal chief executive Sean Senvirtne apologised for the "considerable concern" it would cause for customers.
"We have acted quickly to identify and mitigate unauthorised access and have increased the monitoring of networks," he said.
"We will continue to work with relevant authorities as we investigate the incident and we will keep our customers fully informed of any further updates impacting them."
The Woolworths Group said none of its other platforms or the Everyday Rewards records had been impacted.
Woolworths Group completed the acquisition of approximately 80 per cent of the online marketplace MyDeal.com.au on 23 September 2022.