Comments by James Buonopane, Corporate and Finance Director, ALDI Australia
To support the recruitment of ALDI staff across Australia we use a third party software service called PageUp. Recently, alongside a number of other companies, we were informed that the system we use had suffered a data breach that may have compromised the information provided by job applicants. On learning of this news we immediately suspended the service and cut off all links to the PageUp service as a precautionary measure.
I am writing to inform current job applicants of what to do:
- As the investigations continue, no job applications will be managed through the PageUp system
- If you have already submitted your application for a role and have been invited to an interview or assessment centre, please email firstname.lastname@example.org with your contact details, the role you have applied for and the location of the role. Our recruitment team will pass your details onto the relevant hiring manager
- If you have already submitted an application for a role but have not yet been contacted by ALDI, please follow the links below and reapply to any jobs of interest
And, to provide an update for those people that have applied for a job and are concerned about your personal information:
As one of Australia’s largest employers, we are aware of the impact that this data breach has had on potential employees of ALDI. We are both frustrated and concerned that such a serious incident has occurred. First up, we want to reassure applicants that we are continuing to work with PageUp to minimise any impact this may have on ALDI specific recruitment information. If past or present applicants are affected, we will notify these individuals and provide recommendations on steps to be taken.
Since the breach, PageUp have confirmed they are confident that sensitive details such as resumes, ID documents, employment contracts, banking details and Tax Files Numbers have not been affected. In most cases, the personal information that could be potentially impacted is the applicant’s name, phone number, application history and email address.
As an initial step, we advise any concerned applicants to consider updating their passwords, if the same password was used in the application process. We also recommend you consciously monitor your personal accounts for any unusual activity.
Further to updating your passwords and monitoring your accounts, we recommend you remain aware of potential phishing emails and telephone calls from businesses or institutions requesting your personal information. As such, we ask that you avoid opening any attachments received via email or social media from unknown senders.
The Office of the Australian Information Commissioner (OAIC) has advised that anyone concerned about their information being breached should contact PageUp in the first instance at email@example.com. More information about the security breach can be found on PageUp’s website.
If you are not satisfied with their response, the OAIC can be contacted directly at www.oaic.gov.au or on 1300 363 992. The OAIC has also published resources for those affected by a data breach and the action they can take, which can be found on its website.
What we have done in response:
- Suspended use of PageUp’s systems to process job applications
- Met with PageUp to understand what steps they are taking and offer the support of our cyber security services
- Engaged privacy and information security experts across the industry to further understand how we can help people who may have been impacted
We will continue to work with PageUp to obtain further information. We will update the public about the situation as more information comes to hand and if we learn that ALDI job applicants have had their information compromised, we will notify them directly.