Menu
Kiwi customer data exposed as Z Energy admits breach

Kiwi customer data exposed as Z Energy admits breach

Database held customer data such as names, addresses, registration numbers, vehicle types and credit limits

New Zealand-based fuel supplier Z Energy has been presented with evidence that customer data from its Z Card Online database was accessed by a third party in November 2017.

The database held customer data such as names, addresses, registration numbers, vehicle types and credit limits with the company.

“Z takes its data privacy responsibility and threats to cyber security very seriously and is taking steps to ensure that the company learns from this incident,” a company statement read.

“With the evidence provided to Z to date, the company believes the data accessed does not include bank details, or other information that would put customer finances directly at risk.

“That is because these sort of customer details were not held within the system that was accessed for security reasons.”

At this stage, Z Energy did not specify the extent to which its customer data had been compromised.

The company said it had notified affected customers and advised the Privacy Commissioner of the breach, with the system in question closed since December 2017.

“After being informed of the privacy breach Z has immediately acted to let affected customers know that their data may have been accessed,” the statement added.

“Z is committed to assisting customers in any way possible in relation to this incident.”

The Z Card allows customers to manage fuel accounts online, and is used primarily by companies with vehicle fleets.

The business said it had been made aware of a potential vulnerability in the system in November, but had not found evidence of any data breaches at that time.

“Z has engaged an external provider to commence penetration testing across all of Z’s customer facing systems to immediately assess for any vulnerabilities,” the statement said.

“Z also operates Caltex Star Card. The Star Card online system has very similar characteristics to that of the former ZCOL system.

“As a precaution, Z is taking this system down with immediate effect, until the company can be confident it does not exhibit the same vulnerabilities.”

Z Energy operates in both New Zealand and Australia. New laws in Australia requiring companies to report data breaches took effect in late-February this year.

(Reporting by Ambar Warrick in Bengaluru and James Henderson)


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Z Energy

Featured

Slideshows

EDGE 2019: Thought leaders share how to build a channel of the future

EDGE 2019: Thought leaders share how to build a channel of the future

Day 2 of EDGE was opened by in-depth research from TRA's Tim Dillon, which outlined the partner view on the channel's future. The following day saw Forrester's Jay McBain and Odgers Berndtson's Tim Sleep conclude the keynote line-up, while HPE and Cisco rounded off the thought leadership.

EDGE 2019: Thought leaders share how to build a channel of the future
Tech credentials on show during Ingram Micro One APAC

Tech credentials on show during Ingram Micro One APAC

Ingram Micro outlined the key technologies for future channel growth on the second day of Ingram Micro One APAC in Singapore, in front of more than 1300 business leaders.

Tech credentials on show during Ingram Micro One APAC
EDGE 2019: Dinner Under the Stars

EDGE 2019: Dinner Under the Stars

After an intensive day of keynotes, breakout sessions and networking, 300 delegates donned their whitest gladrags and unwinded at Edge's customary Dinner Under the Stars at Outrigger Marquee. Photos by: Christine Wong.

EDGE 2019: Dinner Under the Stars
Show Comments