Incident: Contractor breach exposes 50k Aussie govt, bank staff records | iTnews
Australian Information Security Incident Reported: November 2 2017
The personal details of almost 50,000 Australian employees of several government agencies, banks and a utility have been exposed online by a third-party contractor.
iTnews can reveal that 48,270 personal records were left openly accessible as a result of a misconfigured Amazon S3 bucket.
The files he found include full names, passwords, IDs, phone numbers, and email addresses as well as some credit card numbers and details on staff salaries and expenses.
Insurer AMP was the most impacted, with 25,000 staff records exposed as a result of the misconfiguration.