MyDeal, a Woolworths Group subsidiary, has advised that the data of approximately 2.2 million customers has been compromised by unauthorised access to its Customer Relationship Management (CRM) system.

MyDeal is contacting the approximately 2.2 million affected customers by email and engaging with relevant regulatory authorities and government agencies.

The customer data includes names, email address, phone numbers, delivery addresses and in some instances, the date of birth of customers. For 1.2 million customers involved in the breach only their email addresses were exposed.

MyDeal does not store payment, drivers licence or passport details and no customer account passwords or payment details have been compromised in this breach.

MyDeal CEO, Sean Senvirtne said, “We apologise for the considerable concern that this will cause for our affected customers. We have acted quickly to identify and mitigate unauthorised access and have increased the monitoring of networks. We will continue to work with relevant authorities as we investigate the incident and we will keep our customers fully informed of any further updates impacting them.”