Hackers claim to have breached Aussie T2 specialty tea retailer; Data of 80,000 leaked online

Australian-based specialty tea retailer T2 (Tea Too) has allegedly fallen victim to hackers who claim to have breached the personal information of over 80,000 customers worldwide.

In a recent listing on a hacking forum, a threat actor using the handle ‘emo’ claims to have accessed sales data belonging to the tea retailer’s global operations, including 85,981 unique emails.

In his post dated April 17, the threat actor even credits another one of his ‘colleagues’ for the hack. “Credit to doubl for this breach,” the post reads.

Compromised data includes email and physical addresses, names, phone numbers, dates of birth, purchases and passwords stored as scrypt hashes.

The post also included a sample of the exfiltrated records analyzed by investigators at cyberdaily.au.

“Also included in the post is a sample of the data, which appears to be an entry for a single Australian customer. The data appears to be legitimate, as do the other files,” cyberdaily said.

The data is currently available for free on the data breach forum. Further analysis of the leaked records suggests that most of the files are from 2021.

“While the poster claims the hack is recent, most of the files date back to 2021,” the investigator added. “That said, the data includes several very large .XML files relating to in-progress orders, customer exports, customer wishlists, inventory details, and pricing books. Some of the documents even include messages to be included with products bought as gifts.”

Cybercrooks can use the aggregated information to craft persuasive social engineering attacks against customers.

Despite the lack of confirmation or official acknowledgment by T2 of the breach, we advise users to begin securing their accounts proactively. As such, we recommend resetting passwords, monitoring accounts, and scrutinizing all unrequested messages.

To defend against scams that could leverage stolen data, we recommend using Bitdefender Scamio, our free AI-powered scam detector. Have a chat with Scamio or send a link or photo via your web browser, Facebook Messenger or WhatsApp to receive recommendations and thwart security threats.

Users should also opt for our Digital Identity Protection service to stay informed about data breaches and leaks that can impact their identity and security.

Our dedicated identity protection service offers 24/7 alerts, a complete overview of your online footprint, and the industry's first Identity Protection Score, which helps you quickly understand the extent of a data breach and how it can impact your online safety, privacy and finances.