About 6000 Australians have been warned their home addresses, driver's licence numbers and credit card details might have been stolen after one of the country's largest ute importers reported a mass data breach.
Ateco Automotive, a vehicle distributor and service provider that imports American pick-up trucks into Australia, notified customers this week their personal information may have been leaked after an unknown entity accessed one of its customer relations email servers in early October.
To date, 6,633 people are believed to be affected, of whom 24 have addresses in the ACT.
Canberra-based teacher Tracey, who asked not to be identified for privacy reasons, received an email from the company on Tuesday notifying her to check her bank account.
Having never heard of Ateco before, she performed a quick Google search and noticed the company had listed John McGrath Auto Group, an operator of a number of car dealerships across Canberra, as a dealer on its website.
"I did have an LDV that I bought from them [John McGrath] and we ended up doing a swap for a different car with a different organisation earlier this year," Tracey told ACM.
"I have not provided my information to [Ateco] but I do know John McGrath would have had my driver's licence details when I test-drove the car, and my bank details when they had to refund a deposit.
"It's really concerning. I'm still trying to find out the level of details that they had."
After contacting the car dealership, Tracey was informed that her personal details including her driver's licence number would have been shared with Ateco for warranty purposes.
Investigations into the incident are still ongoing, a spokesperson from Ateco Automotive confirmed.
"The cyber incident affected the mailbox of the Ateco customer relations email address. That mailbox contained information provided to and sent by Ateco Automotive Pty Ltd pertaining to customer relations matters," they told ACM.
"The persons impacted were those people communicating with or from this one specific mailbox."
"No other authorities are involved. We've not heard from the OAIC, and the NSW Police have stated they see no cause to take any further action at this time," they said.
A spokesperson from the Office of the Information Commissioner has confirmed it was aware of the cyber breach, which is believed to have occurred between 2 October and 14 October.