EnergyAustralia hit by cyber attack in latest breach
EnergyAustralia is the latest business to be hit by a cyber attack, resulting in customer details being exposed.
The electricity company said the breach involved the customer platform My Account and 323 residential and small business customer accounts were accessed.
These accounts include the customer’s name, address, email address, electricity and gas bills, phone number and the first six and last three digits of credit cards.
EnergyAustralia said there is “no evidence that customer information was transferred outside” the company’s systems.
“…and importantly identification documentation, such as driver’s licences or passports, and banking information, are not stored on My Account,” a statement said.
EnergyAustralia Chief Customer Officer Mark Brownfield apologised to customers and said anyone affected was contacted in the days after the September 30 breach.
“While this incident was limited in terms of customers affected, we take the security of customer information seriously and have been working hard to put in place additional layers of security to ensure the protection of all customer information.
“This now includes the implementation of 12-character passwords. We recognise the transition to more secure passwords won’t be easy for all our customers, however, this incident and other recent cyber incidents have highlighted this is where we need to go with password complexity.”