Perth Mint depository online data breach

Discussion of the Gold portion of the Permanent Portfolio

Moderator: Global Moderator

User avatar
sophie
Executive Member
Executive Member
Posts: 1959
Joined: Mon Apr 23, 2012 7:15 pm

Perth Mint depository online data breach

Post by sophie » Sat Sep 08, 2018 7:23 am

Email notice this AM:
Dear Customer,



We are writing to let you know that The Perth Mint has experienced a data breach involving the personal information of 13 Depository Online customers.

At the outset we want to assure you that your Depository Online investment account at The Perth Mint remains secure and has not been affected in any way.

Our forensic investigation to date indicates that the breach occurred as a result of data being taken from information held by a third-party provider.

We are in the process of contacting the 13 clients whose data has been breached and offering them assistance to help prevent their personal information from being misused.

Our investigation is ongoing, and we are working with the external third-party provider to understand how this breach occurred.

We have taken immediate steps to nullify the identified threat and can assure your account and our systems remain secure.

Further information in relation to our response to the data breach is available on our website www.perthmint.com/data

If you would like to contact us in relation to this matter please email our depository team at depository@perthmint.com or call on +61 8 9421 7250.
I'm glad they're taking it seriously, but would be nice to know what they mean by "nullifying" a data breach. And of course, this is a reminder of the risks of third party holdings (to be set against risks of holding physical gold).
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Sat Sep 08, 2018 11:06 am

Thank you for sharing, Sophie.
That is unnerving news!
I commend them for being forthright, not like Yahoo. Still, Are you going to stick with them?
Sam Bankman-Fried sentenced to 25 years
User avatar
sophie
Executive Member
Executive Member
Posts: 1959
Joined: Mon Apr 23, 2012 7:15 pm

Re: Perth Mint depository online data breach

Post by sophie » Sat Sep 08, 2018 11:40 pm

Yes, I'm sticking with my holdings. I did change my password and will keep an eye on news from the Mint.

Even with this, I think it's still safer than an ETF.
User avatar
eufo
Executive Member
Executive Member
Posts: 243
Joined: Mon Dec 05, 2016 7:17 pm

Re: Perth Mint depository online data breach

Post by eufo » Sun Sep 09, 2018 10:52 am

sophie wrote:
Sat Sep 08, 2018 11:40 pm
I think it's still safer than an ETF.
+1

I still hold some in GLDM, but I'm prepared for it to be forfeit.
Don't agree with me too strongly or I'm going to change my mind
User avatar
Kriegsspiel
Executive Member
Executive Member
Posts: 4052
Joined: Sun Sep 16, 2012 5:28 pm

Re: Perth Mint depository online data breach

Post by Kriegsspiel » Sun Sep 09, 2018 11:45 am

I like to hold my gold in my hand and between my teeth, and maybe see how tall of a tower I can stack on my forehead when I'm laying down; not entrust it to some bullshit encyption.
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Sun Sep 09, 2018 1:45 pm

Kriegsspiel wrote:
Sun Sep 09, 2018 11:45 am
I like to hold my gold in my hand and between my teeth, and maybe see how tall of a tower I can stack on my forehead when I'm laying down; not entrust it to some bullshit encyption.
The space between my teeth isn’t big enough, but I like getting the “expense ratio”, if we can call it that— well, the fee to hold it —over with at the beginning. All my non-gold funds pay a dividend that makes an ongoing fee of, say, 0.25%, more than tolerable.

There are a lot of posts, including from me, about the angst of holding and transporting physical gold. It can indeed be nerve wracking, and that’s why the Perth Mint depository could be a great alternative. I think if I had pounds and pounds of the stuff, I might still go for it.
Sam Bankman-Fried sentenced to 25 years
Mr Vacuum
Executive Member
Executive Member
Posts: 164
Joined: Tue Jan 19, 2016 11:51 am

Re: Perth Mint depository online data breach

Post by Mr Vacuum » Mon Sep 17, 2018 6:13 pm

The breach grows: Perth Mint Confirms More Customers Involved In Data Breach

I received notice this morning my account information was among those compromised, including "the numbers of your bank account, your passport and/or driver’s license." Further, "The information illegally accessed was taken from an old 2016 database." So sloppy. I went through the hassle of account setup around then and never even funded it.

I contacted my bank and they recommending closing my account. I've had many credit card numbers compromised, but this is the first bank account number.

Credit is already frozen after the Equifax mess.

Now to switch over all the direct deposit and bill pay EFTs, and find out if anything needs to be done about the passport and/or driver's license numbers.
User avatar
sophie
Executive Member
Executive Member
Posts: 1959
Joined: Mon Apr 23, 2012 7:15 pm

Re: Perth Mint depository online data breach

Post by sophie » Mon Sep 17, 2018 10:25 pm

Well, that's not pleasant....so they make all this fuss about requiring passports and not allowing you to change attached bank accounts, and then they hand all this data to a "third party" with sloppy system security?

I think they know that security is what their brand is made of. Hopefully this is a wakeup call.
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Tue Sep 18, 2018 11:14 am

Mr Vacuum wrote:
Mon Sep 17, 2018 6:13 pm
The breach grows: Perth Mint Confirms More Customers Involved In Data Breach

I received notice this morning my account information was among those compromised, including "the numbers of your bank account, your passport and/or driver’s license." Further, "The information illegally accessed was taken from an old 2016 database."
...
Wow. Ok, I think I'm better off just continuing to buy physical. That's not to say that there won't be a breach at my vendor, and routing numbers and account numbers can be gleaned from check images. I'll take my chances.
Thank you for posting this.
Sam Bankman-Fried sentenced to 25 years
User avatar
Kriegsspiel
Executive Member
Executive Member
Posts: 4052
Joined: Sun Sep 16, 2012 5:28 pm

Re: Perth Mint depository online data breach

Post by Kriegsspiel » Tue Sep 18, 2018 11:35 am

Mr Vacuum wrote:
Mon Sep 17, 2018 6:13 pm


Credit is already frozen after the Equifax mess.

Just wait until you need to unfreeze it, they're hilariously incompetent. After failing to unfreeze mine through the website for days on end so that I could get utilities set up at my new place, I followed their instructions for mailing in a paper request. Weeks later, I got a letter back: "Sorry, we were unable to process your request to freeze your minor child's credit, etc etc we are dumb as fuck."
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Tue Sep 18, 2018 11:54 am

They had one job. O0
Sam Bankman-Fried sentenced to 25 years
User avatar
Xan
Administrator
Administrator
Posts: 4392
Joined: Tue Mar 13, 2012 1:51 pm

Re: Perth Mint depository online data breach

Post by Xan » Tue Sep 18, 2018 12:14 pm

dualstow wrote:
Tue Sep 18, 2018 11:14 am
Mr Vacuum wrote:
Mon Sep 17, 2018 6:13 pm
The breach grows: Perth Mint Confirms More Customers Involved In Data Breach

I received notice this morning my account information was among those compromised, including "the numbers of your bank account, your passport and/or driver’s license." Further, "The information illegally accessed was taken from an old 2016 database."
...
Wow. Ok, I think I'm better off just continuing to buy physical. That's not to say that there won't be a breach at my vendor, and routing numbers and account numbers can be gleaned from check images. I'll take my chances.
Thank you for posting this.
Pay cash at a local coin shop.
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Tue Sep 18, 2018 1:48 pm

Xan wrote:
Tue Sep 18, 2018 12:14 pm
Pay cash at a local coin shop.
I think I might sell a coin at a time for cash one day*, but carrying cash in the city brings its own risks. I never carry more than $100, let alone the $1200 I'd need today for an ounce of gold bullion.

*In the future, if I'm lucky enough to sell a coin for, say, $2000..Hmm, I'd probably accept a check.
Sam Bankman-Fried sentenced to 25 years
User avatar
jhogue
Executive Member
Executive Member
Posts: 755
Joined: Wed Jun 28, 2017 10:47 am

Re: Perth Mint depository online data breach

Post by jhogue » Wed Sep 19, 2018 11:06 am

Pugchief,

Did you consciously decide at some point not to hold physical gold? Or, is it perhaps the consequence of the tax structure of your investment portfolio?
“Groucho Marx wrote:
A stock trader asked him, "Groucho, where do you put all your money?" Groucho was said to have replied, "In Treasury bonds", and the trader said, "You can't make much money on those." Groucho said, "You can if you have enough of them!"
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Wed Sep 19, 2018 1:36 pm

MangoMan wrote:
Wed Sep 19, 2018 12:51 pm
...
And what makes anyone think the Perth Mint is somehow safer than an ETF?
I don't think it's safer, but I like it better. Or, I did, rather. While I applaud them for being up front about the breach -- I'm looking at you, Marissa Mayer -- they are no longer on my list of possible storage solutions. I *would* buy coins from them, though.
Sam Bankman-Fried sentenced to 25 years
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Sat Jul 20, 2019 1:31 pm

Any update on this, Sophie? Have things gotten better or worse? The same?
Sam Bankman-Fried sentenced to 25 years
User avatar
sophie
Executive Member
Executive Member
Posts: 1959
Joined: Mon Apr 23, 2012 7:15 pm

Re: Perth Mint depository online data breach

Post by sophie » Sun Jul 21, 2019 7:45 am

No info has been forthcoming and I doubt there will be anything. I wrote to them and got a snippy letter back that said I was welcome to take my business elsewhere if I wasn't happy with their security practices. I guess that means they will continue to outsource their Depository Online website & security.

I'm still not sure what to do, but I suspect that compared to private bullion services like Goldmoney or Texas Depository, they're neither more nor less safe. Their depository program is much safer than Depository Online, because it's managed on a computer with no internet access and you have to place a phone call to make purchases or withdrawals. They used to specify a minimum opening balance for the depository program, but I can't find it on the website? Wonder if that means they no longer hold you to a minimum?? Guess I'll have to ask them.
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Sun Jul 21, 2019 10:20 am

A snippy letter back, eh? (sigh) I guess there is no perfect solution for physical.
And I don’t want etf’s. I’d rather not own gold at all than have just etf’s.
Thanks just the same for the follow-up.
Sam Bankman-Fried sentenced to 25 years
User avatar
Kriegsspiel
Executive Member
Executive Member
Posts: 4052
Joined: Sun Sep 16, 2012 5:28 pm

Re: Perth Mint depository online data breach

Post by Kriegsspiel » Sun Jul 21, 2019 10:39 am

dualstow wrote:
Sun Jul 21, 2019 10:20 am
A snippy letter back, eh? (sigh) I guess there is no perfect solution for physical.
And I don’t want etf’s. I’d rather not own gold at all than have just etf’s.
Thanks just the same for the follow-up.
Why don't you just buy some coins and keep them in your home?
You there, Ephialtes. May you live forever.
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Sun Jul 21, 2019 10:45 am

Kriegsspiel wrote:
Sun Jul 21, 2019 10:39 am
dualstow wrote:
Sun Jul 21, 2019 10:20 am
A snippy letter back, eh? (sigh) I guess there is no perfect solution for physical.
And I don’t want etf’s. I’d rather not own gold at all than have just etf’s.
Thanks just the same for the follow-up.
Why don't you just buy some coins and keep them in your home?
I do. Some there, some at my dad’s — he already has his own numismatics there or I wouldn’t expose him — and some at the bank.
Sam Bankman-Fried sentenced to 25 years
User avatar
Kriegsspiel
Executive Member
Executive Member
Posts: 4052
Joined: Sun Sep 16, 2012 5:28 pm

Re: Perth Mint depository online data breach

Post by Kriegsspiel » Sun Jul 21, 2019 2:24 pm

Oh ok, the way you said it it...
You there, Ephialtes. May you live forever.
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Sun Jul 21, 2019 5:31 pm

Kriegsspiel wrote:
Sun Jul 21, 2019 2:24 pm
Oh ok, the way you said it it...
There is no comfort, no ideal, but I’m making do.
First World Problem, yes. O0
Sam Bankman-Fried sentenced to 25 years
User avatar
sophie
Executive Member
Executive Member
Posts: 1959
Joined: Mon Apr 23, 2012 7:15 pm

Re: Perth Mint depository online data breach

Post by sophie » Tue Jul 23, 2019 8:34 am

I got a response back: Depository Program no longer has minimums, so anyone can now use it. Nice, except that fees to purchase are high compared to Depository Online if your account is under $250K (2% with DP, vs. 0.5% with DO when you buy on a monthly schedule).

Since my login info, passport etc were part of the data breach, I'm wondering how much more secure I'd be in reality. Also, am asking them if they outsource security for DP as well....if so, then I wouldn't go for it. Otherwise, the extra purchase fee might be worth paying in exchange for extra security...what do you all think?

And yes I have some physicial gold, and ETFs in tax-advantaged accounts. I wanted the international diversification.
User avatar
dualstow
Executive Member
Executive Member
Posts: 14231
Joined: Wed Oct 27, 2010 10:18 am
Location: synagogue of Satan
Contact:

Re: Perth Mint depository online data breach

Post by dualstow » Tue Jul 23, 2019 9:45 am

sophie wrote:
Tue Jul 23, 2019 8:34 am
Since my login info, passport etc were part of the data breach,
I gave my info to Kraken, passport info included, just to access the bitcoin that Marc gave away, and it didn't work. Oops. At least you have your gold.
Sam Bankman-Fried sentenced to 25 years
User avatar
sophie
Executive Member
Executive Member
Posts: 1959
Joined: Mon Apr 23, 2012 7:15 pm

Re: Perth Mint depository online data breach

Post by sophie » Wed Jul 24, 2019 6:04 pm

Possibly helpful response from Perth Mint:
The Depository Online utilises a very current and high security data storage service, unfortunately in this world we are unable to provide guarantee that a breach won’t be attempted in the future, but please be assured that we are actively doing everything we can to prevent this. Please know that all balances on the account are completely guaranteed by the Western Australian Government.

The data for the Depository Program is held “in house” and is not held with a third party.
Well...what do you all think? I'm still on the fence about whether paying the extra 1.5% commission is worth an extra level of safety. Good to know that they'll restore the account if something happens.
Post Reply