Incident: RCR Tomlinson sat on staff data breach for three months | AFR

Incident: RCR Tomlinson sat on staff data breach for three months | AFR

Australian Information Security Incident Reported: August 19 2018

Engineering group RCR Tomlinson took three months to notify the Office of the Australian Information Commissioner that employees’ personal data, including bank account numbers and credit cards, had been accessed in an internet scam despite new laws requiring companies to inform the regulator in “a timely manner.”

Source: RCR Tomlinson sat on staff data breach for three months

OAIC Breach Notification Form: https://www.oaic.gov.au/resources/about-us/access-our-information/foi-disclosure-log/notifications/foireq18-00114-documents.pdf

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Click on the image for more

Dad's Password
Shares
Share This