Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily.

Subscribe to our Newsletter

Powered by MOMENTUM MEDIA
Breaking news and updates daily. Subscribe to our Newsletter
facebook linkedin X Instagram youtube

Explore

SECTIONS

MORE

search button
Advertisement

Exclusive: Alleged data breach of NZ barber booking app claimed by threat actor

A threat actor has claimed a data breach of New Zealand digital booking app Tuipoint.

user icon Daniel Croft
Fri, 07 Mar 2025 Security
Exclusive: Alleged data breach of NZ barber booking app claimed by threat actor
expand image

Tuipoint is a smart queuing and digital booking service for barbers, based in the North Island of New Zealand. It currently operates in barber shops in both New Zealand and the UK.

In a post to a popular hacking forum, a threat actor by the name of “Blinkers” claimed a breach of Tuipoint, claiming they have a full database containing the user data of 414,205 users.

You’re out of free articles for this month

Within the listing, Blinkers posted a sample from the allegedly exfiltrated database, which contains the names, email addresses, phone numbers and more of what appear to be Tuipoint users.

Additionally, some of the listings are dated as recently as 5 March 2025.

Cyber Daily has investigated a number of the emails and determined that while several have been exposed in previous breaches, there are a number of emails unique to this breach.

Cyber Daily has reached out to Tuipoint for more information.

Late last year, push-to-talk walkie-talkie app Zello requested that its users reset their passwords following a security incident.

Zello, which is used by 140 million users, including first responders, transport workers, hospitality staff and more, pushed a notice over the last two weeks, starting 15 November, requesting that users reset passwords.

“Zello Security Notice – As a precaution, we are asking that you reset your Zello app password for any account created before November 2nd, 2024,” said the notice.

“We also recommend that you change your passwords for any other online services where you may have used the same password.”

Customers have otherwise not received any news as to why the passwords need to be reset. However, the specific date of before 2 November and the password reset suggests that a security incident may have resulted in threat actors gaining access to passwords in what could be a data breach, ransomware attack, or credential stuffing attack.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
You need to be a member to post comments. Become a member for free today!

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.
CD Logo

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED

Be the first to hear the latest developments in the cyber industry.

momentummedia media
most innovative companies awards

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

CATEGORIES

STAY CONNECTED

Copyright © 2025 MOMENTUMMEDIA