The popular petrol-buying app run by 7-Eleven was affected by a data breach which let the customers to view the names, email addresses, mobile numbers and dates of birth of other users.
The 7-Eleven fuel app, which has been downloaded more than two million times, was taken offline for few hours when a customer informed the company that he was able to access the personal information of several other customers via the app.
The app is very convenient for users to pay in advance for fuel and lock in lower petrol prices when need to fill up.
The customer stated that discovered the fault last week when he opened the app and found someone else’s information, including the amount of money in their account, their name, email address, phone number, and date of birth. He tried to logout and login again several times, but other people’s information appeared in the account when he logged back in.
After alerting 7-Eleven, wthey took down the app for maintenance. According to a spokesperson at 7-Eleven, the app was brought back online within few hours of resolving the issue. He stated that the issue has been reported to the relevant authorities and is under investigation. They refused to answer any questions at the moment.
According to Australian law, when a data breach that involves personal information is likely to cause serious harm, the companies are required to inform the office of the Australian information commissioner and the affected people.