Latest news with #DeanPurcell
NZ Herald
15-06-2025
- Business
- NZ Herald
Mighty Ape boss fronts over glitch that saw some users logged into other users' accounts
Cooper was also annoyed that a make-good offer from Mighty Ape (which he had not received) of a $50.00 credit required a minimum $50.01 purchase. And that there was no option for a user to cancel their Mighty Ape account via the site's account management console (the option is available via chat or by phoning Mighty Ape). Mighty Ape's communication to affected customers on May 30, seven days after the incident. Image / Consumer NZ In a May 30 article, Consumer NZ strongly criticised Mighty Ape's initial communication to customers, which it saw as too scant in detail. It did not think the online retailer had taken accountability because it had called the incident a 'technical issue'. The publication said the incident should have been defined as a data breach, not an IT error. No one at Mighty Ape would confirm details of what happened, including whether users had in fact found themselves logged into each other's accounts. In a June 13 interview with McEwan (the earliest he was available after a June 6 request), the Herald asked, was the May 22 incident a privacy breach? 'Oh, absolutely,' McEwan replied. 'And we proactively and voluntarily reached out to the Privacy Commissioner to let them know what had occurred and to share with them the details of what had happened and make sure that the actions that we're taking were the right actions, including how we communicated to customers and how we've addressed the issue moving forward.' McEwan picture in Mighty Ape's warehouse in Silverdale, north of Auckland. Photo / Dean Purcell What went wrong? 'We actually found that there was potential for people to be able to view other people's accounts. In this case, it affected 309 customers, and there was potential for them to then be able to view that account. 'I would definitely like to acknowledge the technical glitch that occurred. It was a caching issue. 'It affected a limited number of customers, and we take ownership for that and apologise for that, and we've been working forward with our customers to resolve any issues that may have happened.' 309 affected Consumer NZ chief executive Jon Duffy told the Herald, 'It's clear that in some instances users had full access to other users' accounts and undertook activity with those accounts.' One had even made an order on another user's credit card - to see if that was possible - then immediately cancelled the transaction. 'Based on what we have seen, we would expect Mighty Ape's conversations with the OPC [Office of the Privacy Commissioner] to have also included formal notification of a privacy breach as required by the Act,' Duffy said. McEwan says Mighty Ape's upgrade, which began last October, has added many technology features from Kogan that will benefit customers, as well as the new Marketplace that lets third-parties sell via the site. Photo / Dean Purcell 'Unfortunately, Mighty Ape has only provided general details of what has occurred here, so it is difficult to understand the full scale of the breach and make a definitive call.' A spokeswoman for the Privacy Commissioner confirmed Mighty Ape had been in touch about the breach, but refused to say if it had reached the threshold for a formal notification. Mighty Ape has never previously defined the 'limited number' of users affected. McEwan told the Herald it was 309. Were the initial communications too vague? (The initial public communication, and all public communications since, has made no mention of users' being able to log into other users' accounts.) 'We were quite broad in our statement, and then as we understood the issue further, we went back to those customers that were actually affected, to provide them further information and reassurance,' McEwan said. 'Absolutely we've taken ownership of it. We've contacted all those customers affected. In fact, initially, we over-communicated. 'We went out to a much broader group than what, as we investigated, was a limited number affected. It affected 309 customers, and there was potential for them to view other people's accounts.' But it wasn't just potential, was it? They found themselves logged into other users' accounts. They actually were logged into other users' accounts, the Herald said. 'Yep, that's correct,' McEwan replied. The MD said follow-up communications were full and frank, but were narrowcast to only the affected customers. Don't downplay an incident, expert says Privacy expert Frith Tweedie, a former EY partner, technology lawyer and now principal at Simply Privacy, offered more detail on what constitutes a data breach under the Privacy Act 2020 - but added that any organisation involved in a possible data breach had to consider reputational issues as much as the letter of the law. 'The definition of a 'privacy breach' is broad and it's important to understand that they don't only occur in your classic 'hacker in a hoodie' type scenarios,' Tweedie said. 'What matters is that unauthorised people were able to access other users' personal information [in the Mighty Ape incident], which counts as a 'privacy breach' under the Privacy Act. 'When an organisation gives incomplete information, it creates unnecessary anxiety and makes people feel like their privacy isn't being taken seriously" - Simply Privacy principal Frith Tweedie. 'The reported access to names, contact details, order history and even partial payment information makes it hard to argue that serious harm wasn't at least possible, which would make this a 'notifiable privacy breach'.' Tweedie added, 'Responding to a privacy or data breach isn't just a legal issue, it's also about trust'. 'People understand that mistakes happen, but they want fast, clear and direct communication when things do go wrong. 'When an organisation delays acknowledging a breach, or gives incomplete information, it creates unnecessary anxiety and makes people feel like their privacy isn't being taken seriously.' Should Mighty Ape have been taken offline? Consumer NZ said Mighty Ape should have taken its website offline until the breach was resolved - pointing to the action taken by gaming platform Steam in 2015. McEwan said there was no need to take the website down as it had contained the issue within two hours. Under new management ASX-listed Australian online retailer Kogan bought Mighty Ape for A$122.4 million ($128.3m) in 2020. As part of the deal, the site's founder, Simon Barton, and his immediate team stayed on until 2023. There's been a flurry of leadership changes since with three chief executives departing since the deal - most recently Daniel Balasoglou in February this year. Mighty Ape's website now has the same look design (if different branding) as its Australian parent and Dick Smith, whose online operations were also bought by Kogan. The upgrade that began in October was designed to introduce more under-the-bonnet Kogan systems. It also added a key new service, Mighty Ape Marketplace, which lets third-party retailers sell their goods via Mighty Ape. Glitch slashes Christmas season earnings In a half-year results investor presentation, filed to the ASX on February 25, covering the six months to December 31 2024, Kogan said: 'In late October 2024, the Mighty Ape website underwent a major upgrade, introducing enhanced functionality ... Mighty Ape active customers declined following technical issues experienced as part of the Mighty Ape website upgrade. 'Many technical issues identified have been resolved, with a recovery of financial and operational performance expected in the second half of FY2025.' In the final two months of last year, Mighty Ape only just managed to squeak to a A$100,000 operating earnings profit. 'The technical issues saw adjusted ebitda [earnings before interest, taxes and amortisation] reduce by 96.2% on the previously comparable period over the November and December 2024 peak sales period,' Kogan's filing said. Revenue fell 22.1% to A$30m over the two months. 'The team has been diagnosing and remedying many of the major issues, with some work yet to go. We expect to resolve all major issues in the coming period,' the filing said. It added that McEwan would be taking over from Balasoglou in a 'leadership change'. Balasoglou, who led Mighty Ape for less than a year, had a financial officer background, most recently as Lotto NZ's CFO. McEwan has had a career in logistics, including general manager of operations roles for DHL NZ and Ingram Micro NZ (which distributes products for Apple, Cisco, Nvidia and other big tech names. Upgrade blues continued In a May 20, 2025 business update filing to the ASX, offering a general business update for the quarter to April 30, Kogan said: 'Mighty Ape continued to be impacted by technical challenges following the website platform upgrade announced in February 2025, which affected sales performance and inventory levels. 'Throughout the period, the team progressively resolved several stability issues and gradually progressed towards restoring marketing efficiency. 'Early signs of recovery are evident, with gross sales showing positive momentum driven by the Mighty Ape Marketplace scaling rapidly since launch. 'Over the coming months, Mighty Ape will continue to right-size inventory levels. The company expects Mighty Ape to return to profitable trading performance in FY26.' McEwan said the upgrade had added many features from Kogan that would benefit customers and make the site more efficient, and that the new Marketplace feature let small retailers reach Mighty Ape's large-scale audience. A spokeswoman for the Office of the Privacy Commissioner confirmed Mighty Ape had been in touch to discuss the issue, but would not comment on whether a formal data breach notification had been warranted. Chris Keall is an Auckland-based member of the Herald's business team. He joined the Herald in 2018 and is the technology editor and a senior business writer.
NZ Herald
09-06-2025
- NZ Herald
Hamilton baby homicide: Man admits murder of baby, attempted murder of woman and child
The infant was killed at a home in Douglas Crescent in Hamilton on January 1 this year. Photo / Dean Purcell A 34-year-old man has admitted murdering a baby and trying to kill a woman and another child in a New Year's Day attack this year. The Hamilton infant died at a home in Douglas Cres on January 1, and an older child and a woman, understood to be their
NZ Herald
02-06-2025
- Business
- NZ Herald
Rich-lister's big private hospital investment, what plans for Manukau Supa Centa; Kiwi Property CEO's new pay package
First look inside the $190m-plus upgrade at the older Allevia Hospital in Epsom. Photo / Dean Purcell One of New Zealand's most well-known businessmen has been linked to a major private hospital development, Manukau Supa Centa's new owner talks future plans and Kiwi Property boss's pay package all in this week's Property Insider. A rich-lister's entity has the single biggest holding in New Zealand's largest private hospital
NZ Herald
17-05-2025
- NZ Herald
Police arrest fleeing driver of stolen car after Otahuhu chase
Police were called to Settlement Road outside Papakura Intermediate School, where a man was found with serious injuries. Video / Dean Purcell A Nelson-based alarm and security systems company shared a video of a suspected drunk driver slamming through its doors at full speed. Video / Nelson Alarms Security Systems A kiwi musician claims he was discriminated against after being refused entry to a downtown Auckland bar for breaking a tattoo policy that the bar will not provide to him. Christchurch local captures moment masked raiders take over a Christchurch Metro-Mart. Video / Supplied It's been six months since I interviewed Rocket Lab chief executive Sir Peter Beck. We have a lot to discuss following the space company's Q1 earnings! Video / Cameron Pitney US calls for leader-level peace talks, apprentice numbers drop, and Wellington fights public bullying in new campaign. Naples, Italy, has been confirmed as the host of the 38th America's Cup. Raised in the shadows – Canterbury artist Sheelagh McHaffie draws the light she's fought to find. Video / Frank Film Made with funding from NZ on Air. MetService National Weather Update: May 15 - May 18 Brooke van Velden thinks it is odd Winston Peters would criticise her for using the c-word. NZ Herald Business Editor-at-large, Liam Dann breaks down all you need to know about the upcoming budget. Video / NZ Herald Willis emphasises it should not be weaponised against women. Video / Jason Dorday Council of Trade Unions president Richard Wagstaff, economist Craig Renney and secretary Melissa Ansell-Bridges speak after meeting with Minister Brooke van Velden CCTV footage shows two hooded offenders using a stolen car to ram the front doors of a Temuka petrol station around 3.23am, before fleeing with stolen items. Minister for Social Investment, Nicola Willis talks to the media after a Pre-Budget 2025 Social Investment Speech at the Southern Initiative.
NZ Herald
26-04-2025
- Business
- NZ Herald
Kerikeri River at full spate after wet weather
Wendy's NZ owner Greg Flynn, chief executive and founder of Flynn Group, talks to Tom Raynel about the NZ business and his plans for growth in Australia. Video / Alyse Wright Thousands have gathered for Anzac Day services around the country as Kiwis remember our fallen servicemen and women. Video / Cherie Howie / NZ Herald Coverage of the dawn service for Anzac Day live from. Wellington. Video / TVNZ Don't bin those fabric scraps, Rover's birthday is coming up! Reporter Milla is at Waiōrea Community Recycling Centre, where upcycling workshops teach kids to make cool stuff. The state-owned bank is raising $500m in a bid to beat big Australian-owned banks. Is a capital injection enough to make it competitive? The company's brand ambassador is former Bachelor NZ star Art Green. Video / Ben Dickens / Carson Bluck Helicopter crews film thick flames and black smoke from a Wairau Valley business on Auckland's North Shore. Firefighters are responding to a significant fire at a commercial warehouse in Wairau Valley. Video / Dean Purcell / Inflite / Caleb Timms / Supplied A 16-year-old has been charged with the murder of the American student who was fatally attacked at an Auckland bus stop on St Johns Rd over the weekend. Video / Dean Purcell Taupō's Louisa Redward plummeted down a cliff from a rope swing in Taupō's Spa Thermal Park earlier this month. Minister of Transport Chris Bishop speaks to the media. Video / NZ Herald Banks stepping up their game in tackling scams, Winston Peters under sportlight after media comments and emotional conclusion to Podmore inquest. 100-year-old racer Les Harris leads a final lap from a ute, surrounded by family and fellow riders. Reporter Finlay is flipping out with Azaria Tai, an 8-year-old gymnast who has already conquered the region. Up next, the world! Police have closed half of Bowen Street in Wellington after a chemical-related incident . Video / Azaria Howell
