Friday, 29 April 2016 19:35

Gumtree or Dumtree? Sales site suffers hack in Australia Featured


Australians love the ebay-owned Gumtree site, which lets anyone buy or sell products online, but there’s been a hack with some personal info accessed.

Gumtree. It’s now an online bazaar, or second-hand market that operates in online in various countries, and it is very popular in Australia.

Last weekend, Gumtree account holders had various bits of personal information accessed by an illegal hacker, clever enough to break past Gumtree’s defences.

In an email to account holders under the banner of ‘Important information’, Gumtree told it users that:

“We are writing to let you know that some of your Gumtree account information was compromised in a security attack last weekend. The attackers accessed your email address. Contact names and phone numbers, which are made publicly available on the site it provided, were also accessed.

“Your Gumtree account password was not accessed. Payment details were also not compromised; we don’t store any payment information on our site.

“We resolved the isolated attack within minutes of discovering it and since then we’ve taken extra steps to protect your information.”

In a subsequent statement, Gumtree added that “The affected users, privacy regulators and the Australian Federal Police have been notified."

"Safety and security of our community remains our number one priority and we continue to educate our users about staying safe online and identifying potential scams or phishing attempts from fraudulent parties.”

Of course, one always wonders why, after attacks occur, there are ‘extra steps taken to protect your information’ and why these steps weren’t taken BEFORE said information wasn’t protected well enough and pilfered.

That said, there are many reasons as to why something like this may happen, and of course, it is a massive warning to all site owners, from tech news publishers through to everyone else in business, large or small, to take all of the extra steps necessary to protect information as much as possible.

Thankfully, according to what Gumtree has stated, passwords and payment information weren’t breached, and were thus - presumably - stored on a different server and/or in a more robust way, and people can at the very least be happy about that.

More below, please read on.

The Australian Federal Government’s Scamwatch site put out an ‘Alert Priority High’ warning for potential phishing attacks that Gumtree was now warning about.

The Scamwatch site says: “Online classifieds website Gumtree is warning users to beware of phishing scams, keep account details secure, be on the lookout for fake emails and to report fake emails following a security breach last weekend.

“Gumtree has issued a statement acknowledging the breach and said the attackers had accessed the email addresses of some Gumtree users. 'The contact name and phone numbers of the affected Gumtree users were also accessed,' the statement says.”

'However, in those instances, the details were already made public on the site by the users themselves when they posted an ad.'

“The classifieds website says account passwords were not accessed and payment details were not compromised as it does not store payment information on the site.

“Gumtree has since taken extra steps to protect user information it says, and has notified affected users, privacy regulators and the Australian Federal Police.”

'Safety and security of our community remains our number one priority and we continue to educate our users about staying safe online and identifying potential scams or phishing attempts from fraudulent parties.'

The Stay Smart Online site says it {recommends Gumtree users remain alert for the potential misuse of email addresses, including potential attacks that may target personal or financial details.“

The site also has information showing consumers how to recognise scam or hoax emails and websites that you can read here.


As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


Alex Zaharov-Reutt

One of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.



Recent Comments