In late April, one of our external contractors, Oracle CMS, told us they were victims of a cyber attack.
When a customer phones our customer service line after hours, the call is diverted to Oracle CMS, who takes the call on our behalf.
Following their data breach, we have been working closely with Oracle CMS and the Department of Government Services to understand if any of our customers were impacted by this breach of information.
We analysed information provided by OracleCMS and found about 800 Boroondara customer records were affected - customers who contacted us after business hours between December 2016 and July 2017.
The exact information involved in the data breach depends on the enquiry or request made at the time, but includes contact information like name, mailing address and phone number.
Our analysis of the information provided by OracleCMS confirms sensitive financial information such as credit cards or any identification records such as licence or passport numbers wasn't involved.
We understand that data breaches such as this can be distressing. We are contacting all impacted customers directly to advise them of the breach and provide tailored advice and support.