Page 1 of 4

Perth Mint depository online data breach

Posted: Sat Sep 08, 2018 7:23 am
by sophie
Email notice this AM:
Dear Customer,



We are writing to let you know that The Perth Mint has experienced a data breach involving the personal information of 13 Depository Online customers.

At the outset we want to assure you that your Depository Online investment account at The Perth Mint remains secure and has not been affected in any way.

Our forensic investigation to date indicates that the breach occurred as a result of data being taken from information held by a third-party provider.

We are in the process of contacting the 13 clients whose data has been breached and offering them assistance to help prevent their personal information from being misused.

Our investigation is ongoing, and we are working with the external third-party provider to understand how this breach occurred.

We have taken immediate steps to nullify the identified threat and can assure your account and our systems remain secure.

Further information in relation to our response to the data breach is available on our website www.perthmint.com/data

If you would like to contact us in relation to this matter please email our depository team at depository@perthmint.com or call on +61 8 9421 7250.
I'm glad they're taking it seriously, but would be nice to know what they mean by "nullifying" a data breach. And of course, this is a reminder of the risks of third party holdings (to be set against risks of holding physical gold).

Re: Perth Mint depository online data breach

Posted: Sat Sep 08, 2018 11:06 am
by dualstow
Thank you for sharing, Sophie.
That is unnerving news!
I commend them for being forthright, not like Yahoo. Still, Are you going to stick with them?

Re: Perth Mint depository online data breach

Posted: Sat Sep 08, 2018 11:40 pm
by sophie
Yes, I'm sticking with my holdings. I did change my password and will keep an eye on news from the Mint.

Even with this, I think it's still safer than an ETF.

Re: Perth Mint depository online data breach

Posted: Sun Sep 09, 2018 10:52 am
by eufo
sophie wrote:
Sat Sep 08, 2018 11:40 pm
I think it's still safer than an ETF.
+1

I still hold some in GLDM, but I'm prepared for it to be forfeit.

Re: Perth Mint depository online data breach

Posted: Sun Sep 09, 2018 11:45 am
by Kriegsspiel
I like to hold my gold in my hand and between my teeth, and maybe see how tall of a tower I can stack on my forehead when I'm laying down; not entrust it to some bullshit encyption.

Re: Perth Mint depository online data breach

Posted: Sun Sep 09, 2018 1:45 pm
by dualstow
Kriegsspiel wrote:
Sun Sep 09, 2018 11:45 am
I like to hold my gold in my hand and between my teeth, and maybe see how tall of a tower I can stack on my forehead when I'm laying down; not entrust it to some bullshit encyption.
The space between my teeth isn’t big enough, but I like getting the “expense ratio”, if we can call it that— well, the fee to hold it —over with at the beginning. All my non-gold funds pay a dividend that makes an ongoing fee of, say, 0.25%, more than tolerable.

There are a lot of posts, including from me, about the angst of holding and transporting physical gold. It can indeed be nerve wracking, and that’s why the Perth Mint depository could be a great alternative. I think if I had pounds and pounds of the stuff, I might still go for it.

Re: Perth Mint depository online data breach

Posted: Mon Sep 17, 2018 6:13 pm
by Mr Vacuum
The breach grows: Perth Mint Confirms More Customers Involved In Data Breach

I received notice this morning my account information was among those compromised, including "the numbers of your bank account, your passport and/or driver’s license." Further, "The information illegally accessed was taken from an old 2016 database." So sloppy. I went through the hassle of account setup around then and never even funded it.

I contacted my bank and they recommending closing my account. I've had many credit card numbers compromised, but this is the first bank account number.

Credit is already frozen after the Equifax mess.

Now to switch over all the direct deposit and bill pay EFTs, and find out if anything needs to be done about the passport and/or driver's license numbers.

Re: Perth Mint depository online data breach

Posted: Mon Sep 17, 2018 10:25 pm
by sophie
Well, that's not pleasant....so they make all this fuss about requiring passports and not allowing you to change attached bank accounts, and then they hand all this data to a "third party" with sloppy system security?

I think they know that security is what their brand is made of. Hopefully this is a wakeup call.

Re: Perth Mint depository online data breach

Posted: Tue Sep 18, 2018 11:14 am
by dualstow
Mr Vacuum wrote:
Mon Sep 17, 2018 6:13 pm
The breach grows: Perth Mint Confirms More Customers Involved In Data Breach

I received notice this morning my account information was among those compromised, including "the numbers of your bank account, your passport and/or driver’s license." Further, "The information illegally accessed was taken from an old 2016 database."
...
Wow. Ok, I think I'm better off just continuing to buy physical. That's not to say that there won't be a breach at my vendor, and routing numbers and account numbers can be gleaned from check images. I'll take my chances.
Thank you for posting this.

Re: Perth Mint depository online data breach

Posted: Tue Sep 18, 2018 11:35 am
by Kriegsspiel
Mr Vacuum wrote:
Mon Sep 17, 2018 6:13 pm


Credit is already frozen after the Equifax mess.

Just wait until you need to unfreeze it, they're hilariously incompetent. After failing to unfreeze mine through the website for days on end so that I could get utilities set up at my new place, I followed their instructions for mailing in a paper request. Weeks later, I got a letter back: "Sorry, we were unable to process your request to freeze your minor child's credit, etc etc we are dumb as fuck."

Re: Perth Mint depository online data breach

Posted: Tue Sep 18, 2018 11:54 am
by dualstow
They had one job. O0

Re: Perth Mint depository online data breach

Posted: Tue Sep 18, 2018 12:14 pm
by Xan
dualstow wrote:
Tue Sep 18, 2018 11:14 am
Mr Vacuum wrote:
Mon Sep 17, 2018 6:13 pm
The breach grows: Perth Mint Confirms More Customers Involved In Data Breach

I received notice this morning my account information was among those compromised, including "the numbers of your bank account, your passport and/or driver’s license." Further, "The information illegally accessed was taken from an old 2016 database."
...
Wow. Ok, I think I'm better off just continuing to buy physical. That's not to say that there won't be a breach at my vendor, and routing numbers and account numbers can be gleaned from check images. I'll take my chances.
Thank you for posting this.
Pay cash at a local coin shop.