Z Energy data privacy disclosure

In November last year Z Energy Limited was made aware of a potential vulnerability with the Z card system. At the time, Z Energy's internal IT department and external cybersecurity experts sought to find evidence of any data breach and could find none. Z Energy took steps at the time to improve the security of the system. Today, Z Energy Limited was presented with evidence that customer data from its Z card online database was accessed by a third party in November 2017. This database holds customer data such as name, address, registration number, vehicle type and credit limits with Z. The data accessed does not include bank details, pin numbers or information that would put customer finances directly at risk. This system enables the customer to manage their fleet directly rather than through requests to a call centre, e.g. change of cost centre for a vehicle within a large fleet. Having been presented with evidence of the privacy breach today, Z has immediately acted to let affected customers know what data may have been accessed and has also advised the Privacy Commissioner of the breach. Z is committed to assisting customers in any way possible in relation to this incident. The system concerned is no longer in operation having been closed on 15 December 2017. Z takes its data privacy responsibility and threats to cyber security very seriously and is taking steps to ensure the company learns from this incident. Media: Nicola Law 021 192 8181 / Georgina Ball 021 191 1433 Investor: Matt Hardwick 027 787 4688 End CA:00320018 For:ZEL Type:GENERAL Time:2018-06-27 17:07:22