Select Page

Incident: Orchard worker recruiter exposed sensitive personal data | iTnews

Posted by | Oct 29, 2020 | , , , , , , , , | 0 |

Incident: Orchard worker recruiter exposed sensitive personal data | iTnews

Australian Workers Data Exposed, October 29 2020

Orchard Tech a Melbourne company recruiting horticultural workers exposed sensitive personal data

AWS Simple Storage Service (S3) instance containing thousands of sensitive personal documents left open for anyone to access for over a month.

Source: Orchard worker recruiter exposed sensitive personal data | iTnews
More reports from: iTnews.

Melbourne-based security researcher Sami Toivonen found the open S3 storage instance on October 24 and told iTnews it contained images of passports, driver’s licences, tax forms, and employment contracts.

One search engine found 12,709 files including 532 passport and 422 driver’s licence images in the Orchard Tech S3 bucket.

Orchard Tech chief executive was contacted by Toivonen on October 27 and arranged for the S3 instance to be secured on that day.

Rate:

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Related Posts

Incident: Government left red-faced by health privacy commissioner’s website bungle | MSN Australia

Incident: Government left red-faced by health privacy commissioner’s website bungle | MSN Australia

July 18, 2018

Incident: Regis Healthcare loses data in Maze ransomware infection | iTnews

Incident: Regis Healthcare loses data in Maze ransomware infection | iTnews

August 3, 2020

Incident: Immigration’s 2014 data breach has cost it almost $1m so far | iTnews

Incident: Immigration’s 2014 data breach has cost it almost $1m so far | iTnews

February 19, 2014

Incident: Inquiry ordered over Victorian privacy breach involving vulnerable students | ABC News (Australia)

Incident: Inquiry ordered over Victorian privacy breach involving vulnerable students | ABC News (Australia)

April 12, 2017

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

Exclusive: Data belonging to Aussie testing firm ALS Global makes its way to the dark web following May incident disclosure
Exclusive: Data belonging to Aussie testing firm ALS Global makes its way to the dark web following May incident disclosure

The Aur0ra ransomware group has published employee data, passwords, banking details, and testing records from an Australian company with a massive … [...]

ASD to retire Essential Eight cyber security framework within next two years
ASD to retire Essential Eight cyber security framework within next two years

The Australian Signals Directorate intends to retire its Essential Eight guidance framework within two years, to keep up with shifting cyber security … [...]

Privacy commissioner rules Medmate and Monash IVF breached privacy law through tracking pixels
Privacy commissioner rules Medmate and Monash IVF breached privacy law through tracking pixels

Landmark determinations against a pair of medical websites find that health providers must obtain consent before collecting sensitive information for … [...]

NSW gov puts $209m more into P25 network
NSW gov puts $209m more into P25 network

The NSW government will spend an extra $209 million over the next decade on the P25 radio network that supports emergency services’ communications. In … [...]

Qld gov backs technology projects with at least $340m
Qld gov backs technology projects with at least $340m

The Queensland government will release at least $256 million from a ‘digital fund’ for technology projects as part of its latest state budget. The … [...]

Six men charged over alleged insider fraud plot against construction giant Shadforth
Six men charged over alleged insider fraud plot against construction giant Shadforth

A Queensland police investigation has uncovered an alleged industrial espionage operation that potentially contributed to a major construction … [...]

Civil liberties organisation rails against deployment of facial recognition tech by WA Police
Civil liberties organisation rails against deployment of facial recognition tech by WA Police

The Western Australia Police Force will roll out live facial recognition in public spaces on 1 July, and Electronic Frontiers Australia calls the … [...]

Exclusive: National Portrait Gallery of Australia investigating data breach claims
Exclusive: National Portrait Gallery of Australia investigating data breach claims

Threat actor 2019 posts alleged National Portrait Gallery customer and client data to undergound hacking forum; names, emails, and location data … [...]

Australia joins US-led Exercise Valiant Shield 26 to test cyber and other domain capabilities
Australia joins US-led Exercise Valiant Shield 26 to test cyber and other domain capabilities

Australian Defence Force (ADF) personnel are getting ready to deploy to the Pacific to test defensive cooperation. Bethany Alvaro • Tue, 23 Jun 2026 • … [...]

"Must act now" to counter AI-borne cyber attacks, 'Five Eyes' says
"Must act now" to counter AI-borne cyber attacks, 'Five Eyes' says

Cyber security agencies in Australia, Canada, New Zealand, Britain and the United States are stepping up their awareness campaign around artificial … [...]

At a glance: data protection and management of health data in Australia
At a glance: data protection and management of health data in Australia

A Q&A guide to data protection and management for digital health in Australia, covering anonymised health data, enforcement, cybersecurity and … [...]

The misuse of information obtained through an ex-employee’s position: a broader cause of action for businesses - Mallesons Pulse Blog
The misuse of information obtained through an ex-employee’s position: a broader cause of action for businesses - Mallesons Pulse Blog

AI Summary ▼ The Full Court of the Federal Court has held that s 183(1) of the Corporations Act 2001 (Cth) provides a standalone cause of action … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading