Red Rooster Has Been Hacked?
Last edited 01/11/2019 - 17:39 by 1 other user
I just got this email…
My only question is "WHY?"
WHY would anyone bother with hacking an account for free chicken??? A whole BBQ chicken costs $15 at Red Rooster and you need to spend thousands of dollars to get enough points with them to get a chook - I'm pretty sure maybe 5 people in Australia have this many points!!!
Are they just using this as a form of advertising for themselves? Any publicity is good publicity!:
Red Rooster (a brand controlled by Craveable Brands Pty Ltd) has recently been informed by a small number of customers that their Red Royalty accounts were accessed by an unauthorised third party. Red Rooster treats any potential misuse of data, regardless of the extent of that misuse, exceptionally seriously. Our priority is to minimise any impact on you, our most loyal customers, specifically in this case, the potential impact being the misuse of your Red Royalty dollars.
We have conducted an investigation with a third party IT Security consultant and concluded that the issue is related to what is known as credential stuffing. Effectively, credentials such as an email and password combination are obtained from a data breach on one service and are used to attempt to log in to another unrelated service. These attempts have low success rates, but in this case, your account has been identified as one account at risk (i.e. it is possible that the unauthorised third party accessed your Red Royalty account). Red Rooster does not believe that its system was or has been hacked by the third party. However, unauthorised access to your account could result in the third party obtaining your name, address (residential and/or email), phone number or birth date information if this is stored in your account. It could also result in your Red Royalty dollars being redeemed without your consent.
Most important for you at this time is completing some recommended next steps:
Monitor your Red Royalty account for unauthorised use of your loyalty dollars. If you believe that you have been impacted, you may reach out to us here.
Change your password on your Red Royalty account by clicking here.
It is best practice to not use the same username and password combination across multiple accounts. If you routinely use the same password across different services, it is recommended that you change the password on other accounts that you may have.
Continually be wary of phishing emails, telephone calls and text messages from any service requesting personal information. Avoid opening scam emails and text messages with attachments and links from unknown senders.