We have some disconcerting news to share today, members.

A third-party supplier of electronics giant The Good Guys was reported to be the target of an electronic cyber attack and the personal information of an estimated 1.5 million customers was exposed as a result.

The target? Customers who were a part of the ‘Concierge’ Good Guys rewards system.

Unfortunately, the IT systems of their former third-party supplier My Rewards (formerly known as Pegasus Group Australia) were accessed by an unauthorised user.

My Rewards collected 'Concierge' members' names, addresses, phone numbers, emails and, for some, dates of birth, which makes it all the more concerning that this data was likely stolen during the attack.

The technical expert explains that despite personal information being collected, the company is notifying members that payment information such as ID numbers and credit card details were not accessed.

Customers of The Good Guys' loyalty program may have had their personal information stolen in a data breach of a third-party company. Credit: The Good Guys.

While the breach itself is believed to have taken place in August 2021, it was only reported recently, leaving many customers wondering whether their personal details have fallen into the wrong hands.

Those scam calls you’ve received and can’t figure out where they got your number? That’s right, it could have been from this breach.

As part of its response to the breach, The Good Guys have contacted a staggering 325,000 Concierge members who had set up an account, along with an additional 1.5 million members whose contact details may have been compromised.

With the company no longer using My Rewards and accounts linked to Concierge member benefits now closed, customers can let out a small sigh of relief.

But the question on everyone's minds remains: how did this happen, and who is responsible for such a colossal security lapse?

The company is notifying members that payment information such as ID numbers and credit card details were not accessed. Credit: Unsplash/Sigmund.

The retail company's managing director, Biag Capasso, issued an apology for the incident, acknowledging the significant worry it has caused customers. Capasso also stressed the importance of data security, stating that The Good Guys takes the matter very seriously.

Meanwhile, the company responsible for the breach, My Rewards, has come under scrutiny for failing to adequately protect customers' data.

A spokesman for the company attempted to relieve fears by claiming that no serious harm had been caused, but this has done little to reassure customers who are still uncertain about the extent of the breach.

The company is now working closely with federal government authorities to minimise the impact of the breach, but questions remain about how such a significant breach could have occurred in the first place.

If you think your personal data is at risk, consider getting extra support from online identity and cyber support community services. Credit: Unsplash/Sigmund.

Are you worried about your personal data being at risk? It can be a scary and stressful situation, but there is help available.

IDCARE is a free service that offers support to people who have been affected by cybercrime or identity theft. With their assistance, you can recover from the incident and take steps to protect your personal information in the future.

Recently, The Good Guys engaged IDCARE to help community members who may have been affected by the My Rewards data breach.

If you are concerned that your personal information may have been exposed in this breach, IDCARE can provide extra support and guidance to help you navigate the situation.

Key Takeaways

• Up to 1.5 million The Good Guys loyalty program customers have had their personal information hacked.
• The data allegedly accessed includes names, addresses, passwords, phone numbers and emails, and for some, dates of birth.
• Drivers licence, passport and credit card data were reportedly not involved in the breach.
• Those impacted by the breach have been encouraged to contact IDCARE, Australia's national identity and cyber support community service.

Here is some of IDCARE's advice for data breach victims:

Don't respond to unsolicited messages without verifying the source using other trusted contact methods.

It's important to be cautious when receiving messages or phone calls that you didn't ask for or expect. Even if the person seems to know some information about you, it's not always safe to trust them. Before responding, take the time to investigate the source by using other contact methods that you trust.

For example, if you receive an unexpected email or text message from someone claiming to be a representative of a company or organisation, don't respond to them right away. Instead, try to verify their identity by looking up the company's official website or phone number and contacting them directly.

Mixing up passwords, making them long and strong, and using a Password Manager software is recommended. Credit: Unsplash/Towfiqu barbhuiya.

Change passwords for accounts using the same combination as the compromised password.

If you have received a notification that one of your passwords has been compromised, there are steps you can take to protect yourself.

If you've used the same username and password combination for other online accounts, it's important to change those passwords too. This helps ensure that your other accounts are not vulnerable to attack.

To make it easier to manage all of your passwords, you might want to consider using a password manager, which can help you create strong, unique passwords for each account and store them securely.

Another way to add an extra layer of protection to your accounts is by enabling multi-factor authentication if it's available. This can help prevent unauthorised access to your accounts, even if someone manages to obtain your password.

Scammers like to create a sense of urgency for their victims to 'act now', so don't be pressured to respond.

Scammers often use urgency as a tactic to pressure people into making a hasty decision. They might threaten to take away a service or even have you arrested if you don't act immediately, or they might offer a refund or discount, but only if you respond right away.

It's important to remember that you don't have to respond to these types of communications right away. Take the time to think it over and verify the source before making any decisions. Scammers often rely on people acting impulsively, so by slowing down and considering your options, you can help protect yourself from fraud.

If you're unsure about a message you've received, don't be afraid to seek help from a trusted source, such as a family member, friend, or cybersecurity expert.

​

Cyber-attacks and data breaches are not just isolated incidents that happen to big companies; they can happen to anyone. In today's digital age, it's more important than ever to stay informed and educated about the latest developments in data security to protect yourself and your family from potential harm.

By keeping up with the news, you can learn about the different types of cyber-attacks, how they work, and the best practices to prevent them from happening to you. Make it a habit to stay up-to-date, and feel free to check out the Scam Watch forum on the SDC website for more information.

In light of the recent data breach, we urge everyone who was a part of their loyalty program to check for any suspicious emails or messages. Your safety and security are of utmost importance, so stay vigilant and stay safe, members!

 

[MindyMac]

I purchased this with a couple of items I recently purchased. One would think that The Good Guys should have emailed every customers that was part of their Concierge Rewards (Extended Warranty).

 

[riskydave]

We have some disconcerting news to share today, members.

A third-party supplier of electronics giant The Good Guys was reported to be the target of an electronic cyber attack and the personal information of an estimated 1.5 million customers was exposed as a result.

The target? Customers who were a part of the ‘Concierge’ Good Guys rewards system.

Unfortunately, the IT systems of their former third-party supplier My Rewards (formerly known as Pegasus Group Australia) were accessed by an unauthorised user.

My Rewards collected 'Concierge' members' names, addresses, phone numbers, emails and, for some, dates of birth, which makes it all the more concerning that this data was likely stolen during the attack.

The technical expert explains that despite personal information being collected, the company is notifying members that payment information such as ID numbers and credit card details were not accessed.

View attachment 14345

Customers of The Good Guys' loyalty program may have had their personal information stolen in a data breach of a third-party company. Credit: The Good Guys.

While the breach itself is believed to have taken place in August 2021, it was only reported recently, leaving many customers wondering whether their personal details have fallen into the wrong hands.

Those scam calls you’ve received and can’t figure out where they got your number? That’s right, it could have been from this breach.

As part of its response to the breach, The Good Guys have contacted a staggering 325,000 Concierge members who had set up an account, along with an additional 1.5 million members whose contact details may have been compromised.

With the company no longer using My Rewards and accounts linked to Concierge member benefits now closed, customers can let out a small sigh of relief.

But the question on everyone's minds remains: how did this happen, and who is responsible for such a colossal security lapse?

View attachment 14346

The company is notifying members that payment information such as ID numbers and credit card details were not accessed. Credit: Unsplash/Sigmund.

The retail company's managing director, Biag Capasso, issued an apology for the incident, acknowledging the significant worry it has caused customers. Capasso also stressed the importance of data security, stating that The Good Guys takes the matter very seriously.

Meanwhile, the company responsible for the breach, My Rewards, has come under scrutiny for failing to adequately protect customers' data.

A spokesman for the company attempted to relieve fears by claiming that no serious harm had been caused, but this has done little to reassure customers who are still uncertain about the extent of the breach.

The company is now working closely with federal government authorities to minimise the impact of the breach, but questions remain about how such a significant breach could have occurred in the first place.

View attachment 14347

If you think your personal data is at risk, consider getting extra support from online identity and cyber support community services. Credit: Unsplash/Sigmund.

Are you worried about your personal data being at risk? It can be a scary and stressful situation, but there is help available.

IDCARE is a free service that offers support to people who have been affected by cybercrime or identity theft. With their assistance, you can recover from the incident and take steps to protect your personal information in the future.

Recently, The Good Guys engaged IDCARE to help community members who may have been affected by the My Rewards data breach.

If you are concerned that your personal information may have been exposed in this breach, IDCARE can provide extra support and guidance to help you navigate the situation.

Key Takeaways

• Up to 1.5 million The Good Guys loyalty program customers have had their personal information hacked.
• The data allegedly accessed includes names, addresses, passwords, phone numbers and emails, and for some, dates of birth.
• Drivers licence, passport and credit card data were reportedly not involved in the breach.
• Those impacted by the breach have been encouraged to contact IDCARE, Australia's national identity and cyber support community service.

Here is some of IDCARE's advice for data breach victims:

Don't respond to unsolicited messages without verifying the source using other trusted contact methods.

It's important to be cautious when receiving messages or phone calls that you didn't ask for or expect. Even if the person seems to know some information about you, it's not always safe to trust them. Before responding, take the time to investigate the source by using other contact methods that you trust.

For example, if you receive an unexpected email or text message from someone claiming to be a representative of a company or organisation, don't respond to them right away. Instead, try to verify their identity by looking up the company's official website or phone number and contacting them directly.

View attachment 14348

Mixing up passwords, making them long and strong, and using a Password Manager software is recommended. Credit: Unsplash/Towfiqu barbhuiya.

Change passwords for accounts using the same combination as the compromised password.

If you have received a notification that one of your passwords has been compromised, there are steps you can take to protect yourself.

If you've used the same username and password combination for other online accounts, it's important to change those passwords too. This helps ensure that your other accounts are not vulnerable to attack.

To make it easier to manage all of your passwords, you might want to consider using a password manager, which can help you create strong, unique passwords for each account and store them securely.

Another way to add an extra layer of protection to your accounts is by enabling multi-factor authentication if it's available. This can help prevent unauthorised access to your accounts, even if someone manages to obtain your password.

Scammers like to create a sense of urgency for their victims to 'act now', so don't be pressured to respond.

Scammers often use urgency as a tactic to pressure people into making a hasty decision. They might threaten to take away a service or even have you arrested if you don't act immediately, or they might offer a refund or discount, but only if you respond right away.

It's important to remember that you don't have to respond to these types of communications right away. Take the time to think it over and verify the source before making any decisions. Scammers often rely on people acting impulsively, so by slowing down and considering your options, you can help protect yourself from fraud.

If you're unsure about a message you've received, don't be afraid to seek help from a trusted source, such as a family member, friend, or cybersecurity expert.

View attachment 14354​

Cyber-attacks and data breaches are not just isolated incidents that happen to big companies; they can happen to anyone. In today's digital age, it's more important than ever to stay informed and educated about the latest developments in data security to protect yourself and your family from potential harm.

By keeping up with the news, you can learn about the different types of cyber-attacks, how they work, and the best practices to prevent them from happening to you. Make it a habit to stay up-to-date, and feel free to check out the Scam Watch forum on the SDC website for more information.

In light of the recent data breach, we urge everyone who was a part of their loyalty program to check for any suspicious emails or messages. Your safety and security are of utmost importance, so stay vigilant and stay safe, members!

Two years to tell us and he made an apology, well it's all solved now then isn't it....
These people should lose their bonus and their job.....lousy money grabbing money hungry CEO's who do not give a toss past their executive lunch at Australia Square paid for by this very loyalty scheme probably.

 

[Gsr]

Totally agree, if this happened in August 2021, why are we just being notified now. Who knows how many fake IDs have already been created using our details. We seem to have scammers ringing our house phone, mobile numbers or sending emails to us almost daily. No wonder, our details have been hacked off Medicare, Optus, My Deal and now Good Guys as well. My online shopping account was hacked after My Deal breach, I had to chase the money and change cancel that account and set up a new one. Most inconvenient. The government needs to impose hefty fines on these companies for allowing this to happen. That would also put some much needed funds back into government coffers.

 

[DrivingGirl]

I purchased this with a couple of items I recently purchased. One would think that The Good Guys should have emailed every customers that was part of their Concierge Rewards (Extended Warranty).

Exactly! This happened 18 months ago and we’re hearing about it now??
I’m a concierge member and this is the first I have heard of a breach!

 

[Kelpie]

Exactly! This happened 18 months ago and we’re hearing about it now??
I’m a concierge member and this is the first I have heard of a breach!

Well the World has decided to go all in with the Internet and Computers. By doing so, that is what we are now willing to pay to go down that road.
I see that someone is writing abou people ringing and emaail form all over the place but that iss all part of it now. I am disgusted with all of this as I am now in the same predicament with people ringing my home number and my mobiles all hours of the day and night (A lot from overseas) when I never gave those numbers to anyone burring my immediate family, my suppliers, and the Bank. So, where did they get all of my private numbers from.??

I WONDER.!!

 

[DrivingGirl]

Well the World has decided to go all in with the Internet and Computers. By doing so, that is what we are now willing to pay to go down that road.
I see that someone is writing abou people ringing and emaail form all over the place but that iss all part of it now. I am disgusted with all of this as I am now in the same predicament with people ringing my home number and my mobiles all hours of the day and night (A lot from overseas) when I never gave those numbers to anyone burring my immediate family, my suppliers, and the Bank. So, where did they get all of my private numbers from.??

I WONDER.!!

I don’t know what kind of phone you have, but iPhone have a place in your settings that you can silence all calls that are not in your contacts list. Definitely worth doing but change your message to tell others that you can’t call them back unless they leave a message. Scam callers never leave a message.

 

[Kelpie]

I don’t know what kind of phone you have, but iPhone have a place in your settings that you can silence all calls that are not in your contacts list. Definitely worth doing but change your message to tell others that you can’t call them back unless they leave a message. Scam callers never leave a message.

I have a better way. I simply tell them to do themselves a favour and to go and get a proper paying job. They then hang up or I simly do it myself.

For the records (I used to sell mobile phones in one of my past businesses) I don't allow any messages at all in my own phones. Np one can leave messages because they simply can't and when somebody whom I can deal with tells me that they left a message on my phine, I quickly call them to task by telling them that it is not true as I don't have message bank at all. They can send me a text if they wish BUT DEFINITELY NOT A MESSAGE.

I block this number after that but somehow they ring me again with a different number. That is the fault of the carrier as that is the only way these scammers can get your mobile numbers and house numbers.