ONEDAYONLY HIT BY DATA BREACH

Local e-commerce retailer OneDayOnly was hit by a massive data breach.

Hacking group. Kill Security (KillSec), has claimed responsibility for the breach. They’ve extracted private contact information, account details, and payment methods.

The news was announced via a post on KillSec’s dark website. It was later circulated on X with a threat that the group plans to publish the stolen data within one week.

My Broadband reports that they are reportedly demanding that OneDayOnly pay a $100,000 (R1,777,695) ransom by Tuesday 3 September 2024, to prevent the data from being posted online.

OneDayOnly released a statement saying “We are currently conducting an investigation and will be liaising with the relevant authorities and affected data subject”.

The online retailer has confirmed that no customer data was involved.

“We can confirm that no personal customer data or financial information is involved.”

“Sensitive data pertaining to our customers is hosted by a separate cloud provider that is not impacted in this incident. Furthermore, we can empathetically state that we do not hold credit card information and such information is held by our payment partners.”

Cyber attacks are increasing in South Africa. In June 2023, the JD Group suffered a data breach that led to the personal information of more than half a million of its customers being exposed.

The stores that were impacted included Russells, Sleepmasters, Rochester, Incredible, HiFi Corp, Everyshop, and Bradlows.

Image credit: Transparity Insurance Services