TGI Fridays admits to exposing customer data, as Aussie breaches spike

An example of how not to give reassurance to your customers…:

[…] In a statement, TGI Fridays Australia chief executive James Sinclair claimed there was no malicious data breach or hack.

“We take the privacy of our customers extremely seriously and so notified them of this potential exposure promptly and are confident of the security and privacy of our data ongoing,” he said.

“We have also notified the Office of the Australian Information Commissioner (OAIC) who are satisfied with this matter,” Sinclair said.

However, in an email to customers seen by SmartCompany, TGI Fridays told customers to be wary of “unsolicited communications” like phishing emails in the wake of the exposure.

The company did not reveal how many Australian customers had their data exposed or what types of personal information was exposed, only claiming no financial information was involved.

It also did not confirm when it became aware of the breach, and when it notified customers, despite being asked.

SmartCompany understands the business has been aware it exposed the personal information of its customers for more than a month.


Original article here