Customers that visit the Big W online store right now will find they can’t actually buy anything.
The Australian department store has disabled its online store after a privacy breach on Thursday that saw the checkout page pre-populated with another customer’s information. The website as of Monday morning is still in “browse only” mode.
In a notice to customers on Saturday, Big W revealed that between 1:50pm and 3pm Thursday “a small number” of customers were surprised with someone else’s details when checking out their shopping basket.
“This inadvertent disclosure related to a customer’s name, phone and address,” stated the retailer.
“Based on BIG W ’s thorough investigation of the issue we can inform you that no passwords, login details, bank account or credit card details were compromised during this time.”
The Big W website was taken offline at 3pm when the breach was realised and commenced an investigation into the breach, which is still ongoing. The incident has been self-reported to the national Privacy Commissioner.
The retailer said it is also “personally contacting” every customer affected by the breach, while its tech staff plan to re-open the online store “in stages over [the] coming days”.
Big W did not reveal how many customers are impacted.
“We confirm that your financial information is not at risk and there is no need to take any action regarding your credit or other payment cards. There is also no need to change any of your BIG W website account details or passwords,” the retail giant said.
Business Insider Emails & Alerts
Site highlights each day to your inbox.