Trans-Tasman catering and cleaning firm Spotless has admitted to a huge data breach in which hackers may have obtained past and present staff members’ passport and IRD numbers, amongst other personal information. Internet experts said the breach was very serious and there was enough personal information in the potential leak that meant a “very high risk” of identity theft. Spotless said it “immediately engaged cyber-security experts to conduct a forensic investigation” and that investigation had found “your personal information may have been accessed”. The data, Spotless said, could have included names, email addresses, phone numbers and residential addresses as well as passport details and tax numbers. Shera said that by contacting the Privacy Commissioner and then contacting the affected staff, Spotless had complied with their obligations under privacy laws.

Source: Stuff April 16, 2021 02:35 UTC