The Perth Mint confirms more customers involved in data breach

Sep 17, 2018

The Perth Mint has learned that the data breach reported last week actually involved the taking of personal details belonging to approximately 3,200 Depository Online customers, Chief Executive Officer Richard Hayes announced today.

"As previously advised, ongoing forensic investigations continue and we were made aware of this development over the weekend. We have moved quickly to contact the affected Depository Online customers in order to protect their interests," he said.

"While we are extremely disappointed, we have again assured our customers that their investments are unaffected and remain safe and secure.

"Our dedicated customer support team has been working extended hours to provide our customers with advice and to answer any inquiries they may have."

Mr Hayes confirmed the data breach occurred on the system of a third-party technology provider. However, he again assured customers that there is no evidence to suggest The Perth Mint’s own internal systems have been compromised in any way.

"We launched a forensic investigation when the data breach was identified and we have worked closely with our third-party provider and a range of cyber-crime experts during the ongoing inquiry," he said.

"We are continuing to work with the third-party provider to understand how this breach has occurred and we will continue to work with the authorities, including the Australian Federal Police.

"I can assure our customers there is no threat to any account holdings at The Perth Mint and none of our data systems have been breached.

"We sincerely regret any concern caused by this incident and will do everything we can to support and assist our customers."

Mr Hayes said Depository Online investors represented only a small subset of The Perth Mint's customer base. He said he was confident that no data belonging to any other investors or customers had been accessed.

Since identifying the breach, The Perth Mint has:

  • Launched a forensic investigation with cyber-crime experts
  • Notified all affected customers via email
  • Set up a dedicated phone line to deal with customer enquiries
  • Notified the Office of the Australian Information Commissioner
  • Notified the Western Australian Police and the Australian Federal Police