Up to 1.5 million customers of The Good Guys loyalty program may have had their personal information hacked in a data breach at a third-party company.
The electronics retailer released a statement saying the IT systems of a former third-party supplier, Pegasus Group Australia, now known as My Rewards, had been improperly accessed by an unauthorised user.
The Good Guys said My Rewards had previously been used for reward services for "Concierge" members and it collected names, addresses, phone numbers and emails and, for some, dates of birth.
However, it said drivers licence, passport and credit card data was not involved in the breach.
The Good Guys has directly contacted 325,000 Concierge members who had set up a My Rewards account, and a further 1.5 million Concierge members whose contact details might have been impacted by the breach, which is believed to have occurred in August 2021.
The Good Guys no longer uses My Rewards, and accounts linked to Concierge member benefits have been closed.
The Good Guys managing director Biag Capasso apologised for concern the issue had caused.
"The Good Guys take the matter of privacy and data security very seriously," he said.
"It is extremely disappointing that My Rewards, a former services provider, has experienced this breach."
A spokesman for My Rewards, said: "While we believe no serious harm has been caused by the breach, we are very concerned with the unauthorised access to the information and are working closely with the federal government authorities to minimise the impact of the data breach."
Anyone who has concerns about their personal information should contact IDCare, a national identity and cyber-support community service.