Incident: AAMI, Suncorp suspend online insurance quote feature over burglary fears | SMH
Australian Information Security Incident Reported: December 5 2017
One of Australia’s largest home and contents insurers has suspended a new online feature that made private details about the security of peoples’ homes publicly accessible, including whether monitored alarm systems were installed on their premises.
Suncorp’s insurance arm, which includes AAMI, recently launched a new online feature designed to “make it easy” for consumers to obtain home and contents insurance quotes for their houses by filling out an online form.
But some of the answers to questions about homes were pre-populated, or pre-filled, based on past quotes filled in by customers (or potential customers), building records, or locations, sparking customer concerns about the privacy of their homes being exposed by anyone putting in their address.
Details exposed included whether a house had deadlocks, key-operated locks on windows, and burglar alarms and smoke detectors (monitored or not). This angered privacy advocates, who said it would be a treasure trove to criminals who wanted to break into homes that had weaker security systems in place.