Incident: Ricoh Australia Scrambles to Fix Document Leak | InfoRiskToday
Australian Information Security Incident Reported: July 20 2017
Ricoh’s Australia office has notified banks, government agencies, universities and many large businesses about a curious data breach that, in some cases, exposed login credentials for its multifunction devices.
At least two dozen organizations were affected, including the Australian Signals Directorate, the Civil Aviation Safety Authority, Australian Federal Police, Defence Science and Technology, Queensland Rail, ACT Government, NT Government, Deakin University, Charles Sturt University, Commonwealth Bank, NAB, IBM and Arthur J. Gallagher, an insurer.
It’s unclear how the documents – called run-up guides – were exposed on the internet and indexed by Google’s search engine. Ricoh says the leak remains under investigation.