Major brands hit by credit card hack

Mr Albanese said hacks from both domestic and foreign sources represented a real threat . Picture: Gaye Gerard

Anthony Albanese has vowed to look at any measures possible to protect businesses from scams after thousands of online shoppers had their credit card details stolen by hackers in a major coordinated attack.

Large businesses including streaming platform Binge, Dan Murphy’s, Event Cinemas and Guzman Y Gomez were targeted by cybercriminals who fraudulently accessed the online accounts of thousands of customers in the past months.

Scammers who purchased the stolen login details from overseas cyber-criminals then racked up thousands in online purchases.

Impacted customers had either saved their credit card details on company websites or have gift cards or store credit for online purchases.

The Prime Minister said cyber crime was a “huge issue” and represented a genuine threat to Australia and its economic security.

Anthony Albanese has vowed to look at protecting businesses which were hit by a cyber attack. Picture: Gaye Gerard

“This is a scourge and there are so many vulnerable people being ripped off who’ve acted in absolutely good faith and we need to make sure they are protected,” Mr Albanese said on Wednesday.

It comes as it was revealed in the Nine Newspapers that the cybercriminals took to online chat rooms to brag about buying iPhones, clothing and almost $800 of alcohol using unsuspecting Australian’s money.

Binge, Dan Murphy’s, Event Cinemas and Guzman Y Gomez have been contacted for comment.

Major online retailer The Iconic was also hit by the scheme, known as ‘credential stuffing’, and vowed earlier this week to refund customers whose accounts were used to place fraudland orders.

Credential stuffing refers to when hackers use previously stolen passwords from one website and try to reuse them elsewhere.

Guzman Y Gomez is a business which was hacked. Picture: Kevin Farmer
Guzman Y Gomez is a business which was hacked. Picture: Kevin Farmer

Australia’s Cyber Security Centre received over 94,000 reports of cybercrime over the past financial year, an increase of 23 per cent from 2021-22.

The Albanese government admitted it fell victim to the nation’s largest ever government data breach on Monday after a hack allegedly carried out Russian-linked cybercriminals stole sensitive data from dozens of departments late last year.

Mr Albanese flagged a series of forums held by the Assistant Treasurer Stephen Jones who is investigating further measures to protect Australia from the growing threat of cyber attacks.

“We’ll look at any measures that are possible in order to protect consumers because that’s our priority,” he said.

Dan Murphy's liquor store at Blacktown. Generic Blacktown photos. Picture: Supplied
Dan Murphy's was also hit by the attack. Picture: Supplied

Monash University cyber security professor Nigel Phair said the best thing customers can to do protect themselves is to check their accounts for unusual activity and avoid reusing passwords across multiple websites.

“The issue is we’ve had all these data breaches over the last 18 months and dare I say there will be more coming into the future, and because of that, the criminals buy the details that are for sale on the dark web and replay them into all these different logins,” he said.

“The reason they are successful is because we reuse the same password over and over again in multiple online locations.”