Story image

Computer Lounge online store hit by security breach

05 Nov 18

Auckland-based online computer parts store Computer Lounge has been affected by a security breach.

According to a report from Reddit user Brian McCarthy, the vulnerability had existed for months, but the company had failed to act on it until recently.

The vulnerability could have allowed somebody to extract personal information from the website, however the company says that no credit card details or passwords were compromised. Personal information can still be used for identity theft or be put up for sale on cybercrime marketplaces.

A notice published on the company’s website last weekend admits that Computer Lounge doesn’t know ‘the full extent of the data leaked’, but it is working with a team of data forensics specialists to find out.

“We take full responsibility and would like to assure the public we have done everything in our power to not only right this wrong, but to ensure that such an incident does not happen again,” the notice says. 

“We took down our website to ensure that any impact on our customers was minimised, and are we working with a new team of web developers to develop an updated, robust website, and look forward to sharing this with you very soon.”

Computer Lounge is working with CERT NZ, the Police and the Privacy Commission to mitigate the issue and minimise impact on customers.

A notice posted on Sunday November 4 says: “We would like to reassure our customers that while the site was down we have pushed updates which have fixed the vulnerability. We will keep you posted with any further updates should they be required.”

A number of high-profile security breaches involving New Zealand firms have hit the headlines this year, proving the old adage of ‘it’s not a case of if, but when’.

Earlier this year Z Energy announced that its Z Card online database was ‘accessed by a third party’ back in November 2017.

The third party may have accessed customer data but not bank information or anything that affects customer finances.

“Z takes its data privacy responsibility and threats to cyber security very seriously and is taking steps to ensure that the company learns from this incident,” the company stated at the time.

Vector’s Outage app was also breached this year. It leaked information belonging to 24,000 customers including names, emails, and postal addresses.

Facebook, Ticketmaster, TimeHop, and even the PyeongChang Winter Olympics have been affected by breaches this year.

Royole's FlexPai: So bendable phablets are a reality now
A US-based firm called Royole is delivering on that age-old problem of not being able to fold up your devices (who hasn't ever wished they could fold their phone up...)
Hands-on review: Having fun in Knowledge is Power: Decades and Chimparty
They don’t revolutionise social video gaming, but they are enjoyable enough to occupy you during a wet weekend. 
Kiwis losing $24.7mil to scam calls every year
The losses are almost five times higher compared to the same period last year, from reported losses alone.
Tile's Mate & Pro Bluetooth trackers land in NZ
If your car keys (or your tablet) have disappeared into the void at the back of the couch or if you left them somewhere in your car, retracing your steps to find them could be a thing of the past.
Government still stuck in the past? Not on GovTech's watch
What exactly is GovTech and what’s been happening in our capital city?
"Is this for real?" The reality of fraud against New Zealanders
Is this for real? More often than not these days it can be hard to tell, and it’s okay to be a bit suspicious, especially when it comes to fraud.
Hands-on review: The iPhone Xs
The iPhone Xs is a win that brought numerous new and exciting features to the market.
How much does your Amazon Prime Video subscription really get you?
For our NZ$8.90 per month, the average cost per title is US$0.00126 - but we only really get a choice of 416 TV shows and 4321 movies. Choice is a little bit limited compared to other countries.