Friday, 29 April 2016 19:35

Gumtree or Dumtree? Sales site suffers hack in Australia Featured


Australians love the ebay-owned Gumtree site, which lets anyone buy or sell products online, but there’s been a hack with some personal info accessed.

Gumtree. It’s now an online bazaar, or second-hand market that operates in online in various countries, and it is very popular in Australia.

Last weekend, Gumtree account holders had various bits of personal information accessed by an illegal hacker, clever enough to break past Gumtree’s defences.

In an email to account holders under the banner of ‘Important information’, Gumtree told it users that:

“We are writing to let you know that some of your Gumtree account information was compromised in a security attack last weekend. The attackers accessed your email address. Contact names and phone numbers, which are made publicly available on the site it provided, were also accessed.

“Your Gumtree account password was not accessed. Payment details were also not compromised; we don’t store any payment information on our site.

“We resolved the isolated attack within minutes of discovering it and since then we’ve taken extra steps to protect your information.”

In a subsequent statement, Gumtree added that “The affected users, privacy regulators and the Australian Federal Police have been notified."

"Safety and security of our community remains our number one priority and we continue to educate our users about staying safe online and identifying potential scams or phishing attempts from fraudulent parties.”

Of course, one always wonders why, after attacks occur, there are ‘extra steps taken to protect your information’ and why these steps weren’t taken BEFORE said information wasn’t protected well enough and pilfered.

That said, there are many reasons as to why something like this may happen, and of course, it is a massive warning to all site owners, from tech news publishers through to everyone else in business, large or small, to take all of the extra steps necessary to protect information as much as possible.

Thankfully, according to what Gumtree has stated, passwords and payment information weren’t breached, and were thus - presumably - stored on a different server and/or in a more robust way, and people can at the very least be happy about that.

More below, please read on.

The Australian Federal Government’s Scamwatch site put out an ‘Alert Priority High’ warning for potential phishing attacks that Gumtree was now warning about.

The Scamwatch site says: “Online classifieds website Gumtree is warning users to beware of phishing scams, keep account details secure, be on the lookout for fake emails and to report fake emails following a security breach last weekend.

“Gumtree has issued a statement acknowledging the breach and said the attackers had accessed the email addresses of some Gumtree users. 'The contact name and phone numbers of the affected Gumtree users were also accessed,' the statement says.”

'However, in those instances, the details were already made public on the site by the users themselves when they posted an ad.'

“The classifieds website says account passwords were not accessed and payment details were not compromised as it does not store payment information on the site.

“Gumtree has since taken extra steps to protect user information it says, and has notified affected users, privacy regulators and the Australian Federal Police.”

'Safety and security of our community remains our number one priority and we continue to educate our users about staying safe online and identifying potential scams or phishing attempts from fraudulent parties.'

The Stay Smart Online site says it {recommends Gumtree users remain alert for the potential misuse of email addresses, including potential attacks that may target personal or financial details.“

The site also has information showing consumers how to recognise scam or hoax emails and websites that you can read here.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Alex Zaharov-Reutt

One of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.



Recent Comments