The owner of drinks giant Dan Murphy’s is doubling down on its cybersecurity focus after watching big retail and telco brands fall victim to data breaches, with the company’s chairman acknowledging corporate Australia is being “bombarded with cyberattacks”.
Investors congratulated the Endeavour Group on the growth of its digital footprint during the company’s annual general meeting on Tuesday, but also asked how it was ensuring customer security.
The company’s “My Dan’s” membership program grew from 4.5 million users to 4.7 million in the first quarter of 2023, and its online sales jumped 17 per cent for the 2022 financial year, hitting $1 billion. Hackers routinely target retailers and their loyalty programs because they hold financial and personal details of lots of customers in one place.
Dan Murphy’s owner Endeavour Group is increasingly focused on its digital footprint.
“We’re very alert to the evolving threat of potential cyberattacks, and at a board meeting last Friday we spent a good part of the time getting educated on exactly where we’re at with that given the recent breaches that have occurred with Optus and most recently with one of Woolies’ platforms,” Endeavour chairman Peter Hearl said.
On Friday, Woolworths said exposure of some customer data had occurred through a breach of MyDeal, the online retail marketplace Woolworths acquired this year. The data included names, phone numbers, email addresses and date of birth information. Woolworths said MyDeal was contacting about 2.2 million customers who may have been affected.
The Optus data breach impacted almost 10 million Australians when data including passport and driver’s licence numbers were exposed in a cyberattack last month. The nation’s privacy and telecommunications watchdogs are investigating the telecommunications giant, and it could face a class-action style lawsuit from customers.
Hearl said investment in security was critical at a time when corporate Australia was under persistent threat of attack.
“I think that it’s public knowledge that large Australian organisations are being constantly bombarded with cyberattacks,” he said.
“Fortunately, we feel relatively confident that we’ve got everything in place to protect our customers’ data and privacy – we’re forever vigilant.”
He said Endeavour Group’s cybersecurity strategy was overseen by its chief cybersecurity officer and included a multifaceted approach.
“This program is reviewed and tested regularly via a range of activities which includes technical controls, secure coding practices, security monitoring, vulnerability and threat management, and cyber threat intelligence networking with like-minded organisations,” he said.
The comments come as yet another retailer fell victim to a breach this week; with a digital intruder breaking into online wine seller Vinomofo.
Health insurer Medibank also advised the ASX of unusual activity on one of its networks this week, but the company said there was no evidence of customer data being removed.
Fruit and vegetable grower Costa Group warned that sensitive employee data including tax file numbers and bank details may have been accessed as part of a phishing attack this month, but says there is no evidence that any data has made its way to the dark web.
The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.
Most Viewed in Business
From our partners
Source: Read Full Article