EnergyAustralia, the country’s third-largest energy retailer, is the latest Australian corporate giant to report a hack of its customer information, with 323 customer accounts compromised.
According to a statement from the power company, it had implemented 12-character passwords on its My Account online customer platform following a “cyber incident”. EnergyAustralia customers will need to reset their My Account password and include special characters. Previously, the accounts required eight characters and no special characters.
EnergyAustralia said in a statement released on Friday that the hack resulted in the exposure of information provided by 323 residential and small business customers, including customer names, addresses, email addresses, electricity and gas bills, phone numbers, and the first six and last three digits of credit cards.
“There is no evidence that customer information was transferred outside of EnergyAustralia’s systems, and importantly, identification documentation, such as driver’s licences or passports, and banking information, are not stored on My Account,” the energy company said of the hack that occurred on September 30. It added that impacted customers had been contacted by text and email on October 2 with a prompt to reset their passwords.
Mark Brownfield, EnergyAustralia Chief Customer Officer, has since apologised to customers in a statement.
“We apologise for the concern that this issue may have caused our customers,” Mr Brownfield said. “While this incident was limited in terms of customers affected, we take the security of customer information seriously and have been working hard to put in place additional layers of security to ensure the protection of all customer information.
“This now includes the implementation of 12-character passwords. We recognise the transition to more secure passwords won’t be easy for all our customers, however, this incident and other recent cyber incidents have highlighted this is where we need to go with password complexity.”
EnergyAustralia customers can find more information on the cyber incident on EnergyAustralia’s site.
Medibank, Optus & Woolworths also embroiled in data breaches
EnergyAustralia’s public acknowledgment of the data loss came as Medibank revealed that its own hack, first reported last week, appeared to have become more serious in recent days.
The health insurer originally told customers that it had found “no evidence that any customer data has been removed from our IT environment” after detecting a possible hack. However, it updated customers by email in the past few days to say that it had “received messages from a group who claim to have removed customer data” and that it was treating the matter seriously as it sought to establish if the claim was true.
A statement on Medibank’s site said that the data appeared to come from the company’s ahm and international student systems and included where a customer had received medical services.
Meanwhile, Optus continues to deal with what’s been dubbed the biggest Australian corporate hack in recent history, with estimates of the number of customers and former customers impacted by the loss of personal information including driver’s licence and passport details as large as 9.8 million. Canstar Blue has more information on the options available for Optus customers who are seeking to end their contract with Optus.
In the same few weeks, Woolworths Group said the data of 2.2 million MyDeal customers had been accessed by an unauthorised user using “compromised” user credentials. While the MyDeal site itself did not appear to offer information on the hack as of Friday, Woolworths Group said on October 14 that the hack involved customer names, email addresses, phone numbers, delivery addresses, and in some instances, the date of birth of customers.
Woolworths completed its acquisition of MyDeal, a deals site, in September and no Woolworths or Everyday Rewards data was compromised in the hack, it said.
I am an EnergyAustralia customer, what do I need to do?
EnergyAustralia customers are required to update their passwords on their MyAccount to a stronger 12-charcter password that includes a variety of special characters such as capital letters and numbers. EnergyAustralia has said that customers logging into their MyAccount will be prompted to reset their password then.
If you were directly impacted by this incident, you should have received an SMS and email from the retailer on Sunday October 2 at around 3pm. This message prompted customers to contact a dedicated call centre to restore their MyAccount, which had been locked as a result of the breach. This call centre was open from 9am on Monday October 3.
Follow-up calls to affected customers were also made this week, according to the retailer.
No other information is required to be updated at this time, however concerned customers may wish to change other details too.
EnergyAustralia claims that no personal identification documentation such as driver’s licenses, passports or bank details were involved in the breach as these details are not linked to MyAccounts.
The retailer has updated the relevant regulators and key government offices regarding the incident and has said it will continue to provide updates on information as it becomes available.
Concern customers can find out more information regarding their MyAccount under EnergyAustralia’s Frequently Asked Questions.
Looking to switch? See providers and prices in your area
If you are worried about your energy account and looking to switch providers, our free comparison tool is here and ready to help. Simply type in your postcode to see a variety of plans from different providers in your local area. Switching energy providers is a quick and easy process that typically takes up to two business days to be completed. To see your options, visit our comparison table here.
Alternatively, you catch a sneak peak of some of the cheapest electricity plans currently available in New South Wales, Victoria, south-east Queensland and South Australia below.
Here are some of the cheapest published deals from the retailers on our database that include a link to the retailer’s website for further details. These are products from referral partners†. These costs are based on the Ausgrid network in Sydney but prices may vary depending on your circumstances. This comparison assumes general energy usage of 3911kWh/year for a residential customer on a single rate tariff. Please use our comparison tool for a specific comparison in your area. Our database may not cover all deals in your area. As always, check all details of any plan directly with the retailer before making a purchase decision.
Here are some of the cheapest published deals from the retailers on our database that include a link to the retailer’s website for further details. These are products from referral partners†. These costs are based on the Citipower network in Melbourne but prices may vary depending on your circumstances. This comparison assumes general energy usage of 4000kWh/year for a residential customer on a single rate tariff. Please use our comparison tool for a specific comparison in your area. Our database may not cover all deals in your area. As always, check all details of any plan directly with the retailer before making a purchase decision.
Here are some of the cheapest published deals from the retailers on our database that include a link to the retailer’s website for further details. These are products from referral partners†. These costs are based on the Energex network in Brisbane but prices may vary depending on your circumstances. This comparison assumes general energy usage of 4613kWh/year for a residential customer on a single rate tariff. Please use our comparison tool for a specific comparison in your area. Our database may not cover all deals in your area. As always, check all details of any plan directly with the retailer before making a purchase decision.
Here are some of the cheapest published deals from the retailers on our database that include a link to the retailer’s website for further details. These are products from referral partners†. These costs are based on the SA Power network in Adelaide but prices may vary depending on your circumstances. This comparison assumes general energy usage of 4011kWh/year for a residential customer on a single rate tariff. Please use our comparison tool for a specific comparison in your area. Our database may not cover all deals in your area. As always, check all details of any plan directly with the retailer before making a purchase decision.
Share this article