Dis-Chem, a pharmaceutical retail chain, recently announced that its systems were affected in a data breach incident that would have compromised the personal records of up to 3.6 million customers. The company added that it had a contract with a third-party managed services provider, which developed a database that stored users’ personal information.
On May 1st, Dis-Chem discovered that an unauthorized actor managed to access the content of this database, so an internal investigation was ordered and measures were taken to prevent further inconveniences happening.
After the investigation, the company confirmed that more than 3.6 million records were compromised during the incident, accessing full names, email addresses and phone numbers.
The company fears that unauthorized actors who accessed this information could use it to deploy malicious campaigns: “There is a possibility that the unauthorized party could use any affected personal information to commit other criminal activities, such as phishing attacks, email account compromise, social engineering, and identity theft attempts.”
On Wednesday, the group declined to confirm further information in response to an update. “Dis-Chem will not share anything else about the data breach,” the company said in a statement.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.