Confidential data stolen from software provider whose customers include Woolworths

A company that provides cash register software to a Woolworths-owned hotel group has been hacked by Ukrainian cyber-criminals, with sensitive client details put up for sale on the internet. H&L Australia, whose clients include Woolworths-owned Australian Leisure and Hospitality (ALH) Group, provide point-of-sale (POS) systems for more than 300 restaurants and liquor stores as well as pubs and clubs.H&L confirmed to the ABC that a server containing marketing material and its client list, known as a Customer Relationship Management system, had been hacked but said no financial details had been stolen.”It’s no credit card or bank details,” chief executive Burt Admiraal said.”We don’t control or manage any of our [clients’] data.”It’s names and address of our client base, current and potential clients.”No other servers were compromised in any way.”

He said the hackers had found a weak link in their system and the company had now shut down the affected server.Mr Admiraal said the hack would have no impact on their cash register software in pubs and hotels.”We’ve been communicating with all of our clients now we’ve got a clear understanding of what our exposure was,” he said