Incident: Cosmetic surgery online mistake allows public viewing of women’s photos, private details | Daily Telegraph
Australian Information Security Incident Reported: June 3 2017
A SCANDAL-PLAGUED Sydney cosmetic surgery clinic has leaked the confidential details of hundreds of women from around Australia in an extraordinary privacy breach.
Teenagers are among those left shell-shocked after their names, home addresses, Medicare numbers and medical history were posted on the internet by The Cosmetic Institute in Bondi Junction.
Before-and-after photos of breast enhancements — as well as intimate photos of patients in swimwear — were also uploaded to a publicly accessible index of the clinic’s website.
The index of a website is normally private but an IT error allowed access to the public and there is no way of knowing who has visited the website to access the data.
