This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Early Settler

Summary

On 3 August 2024, threat actor "Worry" posted Early Settler customer data for sale on a hacking forum for USD $2,000, exposing 1.1 million customers' names, email addresses, phone numbers, delivery addresses, and some dates of birth from an archived database dating to July 2022. Payment information was not compromised as Early Settler does not hold credit/bank card details. The company notified affected customers, OAIC, ACSC, and New Zealand authorities.

What Happened

Attackers accessed an archived Early Settler database from July 2022, exfiltrating 1.1 million customer records for sale on hacking forums.

Impact on Individuals

1.1 million Early Settler customers had contact details and some dates of birth exposed, creating phishing and identity theft risks.

Organisational Response

Early Settler investigated as priority, notified affected customers and authorities including OAIC and ACSC.

Verification Source: View original statement