Thousands of customers exposed in kitchenware brand data leak
The personal details of shoppers behind more than 7500 transactions have been exposed. Photo: Neoflam Australia/ Facebook
Kitchenware brand Neoflam Australia has mistakenly published its internal warranty records, exposing the private information of more than 7500 of its customers, The New Daily can reveal.
A page under the brand’s website revealed the full name, age or age bracket, gender, phone number, home address and email of customers from between 2010 and 2015.
It also published the items, date purchased, and the name of the store the item was purchased from. The information amounts to 400 pages.
Neoflam Australia took the page offline about two hours after being alerted to the breach by The New Daily.
The breach did not reveal any banking details.
The multinational brand is known for its colourful and eco-friendly frypans, chopping boards and storage containers.
The Australian arm is run out of Mullumbimby on the New South Wales north coast. Its Australian and New Zealand-based Facebook page has more than 5000 followers.
One of the customers exposed in the breach told The New Daily it was “outrageous” that the company could be so careless with private information.
Pete, who did not want to be further identified, purchased a 26cm-deep casserole dish from a Melbourne store on October 9, 2015.
“Any brand has a responsibility to maintain the privacy of their customers,” Pete said.
“Personally, I don’t like it. I’m not happy about it.”
But he acknowledged, “It’s very hard to hide yourself these days”.
“I know there’s not a lot I can do, to be honest.”
Another customer, NSW woman Caitlin, said she tried not to give out too much information “willy-nilly” and expected better.
“I’m not exactly thrilled to hear this,” Caitlin told The New Daily.
She said she would take it as a reminder to be careful when giving out information.
“It’s a little bit of a warning and a reminder for me really … So many things require you to put in details and put them in online.
“It’s something I’ll be mindful of in the future, and something that they need to be mindful of in the future too.”
Caitlin said she probably wouldn’t be deterred from buying Neoflam in the future, because she liked the products.
“I might be getting in touch with them and I would expect them to be extremely apologetic. I would want to get a pretty good reason as to why it was made public.
“I don’t mean to sound flippant because it’s not a small matter. But there’s nothing that can be done about it now.
I assume it was a mistake but that’s a pretty huge mistake.”
Another customer wasn’t fazed, saying they gave out their details all the time.
A section of the information published online, with identifying information hidden.
The New Daily spoke to a Neoflam Australia spokesperson shortly after midday on Monday but did not receive a response to questions by deadline. Follow-up queries by phone and email were not answered.
It’s not clear how long the data was publicly available online.
The privacy policy on the brand’s website said it was “absolutely committed to keeping your personal information private”.
Other internal brand literature also appeared to have been mistakenly published.
The New Daily was able to download a spreadsheet detailing the company’s wholesale prices, store mark-ups and sale plans. There were also dozens of pages of marketing imagery.