Bunnings drive and collect customers exposed by FlexBooker cyber attack
People who use the drive and collect system at Bunnings Warehouse may have had their personal data compromised after a third-party software firm suffered a massive cyber security breach.
The scheduling platform FlexBooker, which is used by many companies and underpins Bunnings’ popular drive-by collection service, apologised this week after the private information of 3.7 million users was exposed.
The incident occurred back in December and on Wednesday forced Bunnings to issue a warning to customers.
“We wanted to let you know that we have recently been made aware of a data security breach experienced by our third-party booking provider FlexBooker,” an email from the company read.
Bunnings was quick to point out that the drive and collect system did not provide credit card information, passwords or mobile phone numbers to FlexBooker, and therefore the company was confident this sensitive information was not included in the data breach.
“Bunnings takes the security of our customers’ and team members’ personal information very seriously, and will carry out a thorough investigation into this incident.”
A FlexBooker spokesperson told global tech site ZDNet that the data accessed was “limited to names, email addresses, and phone numbers”.
Drive and collect was set up as a means to keep Bunnings open to customers during the pandemic.
You purchase items online and arrange for a time to drive to Bunnings, where a staff member then brings the goods to your car.
Originally published as Bunnings drive and collect customers exposed by FlexBooker cyber attack
Get the latest news from thewest.com.au in your inbox.
Sign up for our emails