Select Page

Incident: Portal flaw leads to some NDIS users losing money | iTWire

Posted by | Sep 11, 2018 | , , , , , , | 0 |

Incident: Portal flaw leads to some NDIS users losing money | iTWire

Australian Information Security Incident Reported: September 11 2018

A vulnerability in the service portal for the National Disability Insurance Scheme has allowed a number of providers to obtain personally identifiable information of users and steal money.

The flaw allowed any user or registered provider to gain access to random support pages for users by guessing a nine-digit plan number. Companies could then bill these users and receive payment right away.

In a statement, the National Disability Insurance Agency, the organisation running the scheme, said its Fraud Taskforce had identified “a small number of providers who may be seeking to exploit the NDIS”.

Source: iTWire – Portal flaw leads to some NDIS users losing money

Rate:

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Related Posts

Uber says 1.2 million Australian accounts were breached in worldwide hack | afr.com

Uber says 1.2 million Australian accounts were breached in worldwide hack | afr.com

December 1, 2017

Incident: Corporate tech giant Accenture leaves secret data exposed to public internet | SMH

Incident: Corporate tech giant Accenture leaves secret data exposed to public internet | SMH

October 11, 2017

Audit: WA councils fail to detect simulated cyber attack in audit | iTnews

Audit: WA councils fail to detect simulated cyber attack in audit | iTnews

November 25, 2021

Incident: Taylor’s Winery Targeted By Hackers | 5AU 97.9

Incident: Taylor’s Winery Targeted By Hackers | 5AU 97.9

March 31, 2021

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

Facial recognition technologies in retail: Clarifying the expectations
Facial recognition technologies in retail: Clarifying the expectations

In February 2026, the Administrative Review Tribunal (ART) delivered a decision that reshapes the privacy landscape for facial recognition technology… … [...]

Encrypted apps including Signal and Discord used by criminals to lure teens with intellectual disabilities into crime
Encrypted apps including Signal and Discord used by criminals to lure teens with intellectual disabilities into crime

Organised crime syndicates are using encrypted digital platforms to recruit vulnerable teenagers with intellectual disabilities, low IQ and no … [...]

Exclusive: 2019 claims cyber incident on Aussie ASX and financial market research firm
Exclusive: 2019 claims cyber incident on Aussie ASX and financial market research firm

A threat actor has claimed a cyber attack on an Australian finance and market research firm, allegedly having stolen personal customer data. • Tue, 09 … [...]

Exclusive: Aussie farming group launches investigation following Qilin cyber attack claims
Exclusive: Aussie farming group launches investigation following Qilin cyber attack claims

An Australian farming and produce company has said it is investigating claims of a cyber attack after it was listed online by an infamous threat … [...]

Exclusive: Hacker claims breach of Aussie travel agency, FirstClass, 53k customers potentially impacted
Exclusive: Hacker claims breach of Aussie travel agency, FirstClass, 53k customers potentially impacted

The threat actor behind Melbourne International Film Festival and Australian Centre for the Moving Image hacks claims another Australian victim, … [...]

How to protect your business when your IT vendor fails
How to protect your business when your IT vendor fails

Ensure you are notified Your IT contract should require the vendor to notify you promptly if it suffers an insolvency event. Ideally, the concept of … [...]

Attorney-General's Department contacted Australian Cyber Security Centre when notified of court privacy breach
Attorney-General's Department contacted Australian Cyber Security Centre when notified of court privacy breach

Litigants in at least 146 court matters were potentially involved in a data breach that is now the subject of a formal complaint with the privacy … [...]

Exclusive: Centrelink denies hacker claims of cyber attack
Exclusive: Centrelink denies hacker claims of cyber attack

A threat actor with a reputation for targeting Australian entities has claimed a cyber attack on government service Centrelink, a claim Centrelink … [...]

Why Australian boards can't ignore AI governance anymore - AICD
Why Australian boards can't ignore AI governance anymore - AICD

Purpose-built AI is reshaping the way Australian boards lead, decide and protect the organisations they oversee. Australian boards have never carried … [...]

Travellers warned of 'reservation hijacking' on travel booking sites | ABC NEWS
Travellers warned of 'reservation hijacking' on travel booking sites | ABC NEWS

Experts warn holidaymakers to be wary of scams on travel sites. This follows the travel website Booking.com being targeted in ‘reservation hijacking’. Professor Daswin de Silva says cybercriminals impersonate hotels [...]

More Australians targeted by Booking.com scams, with travellers lucrative targets for criminals
More Australians targeted by Booking.com scams, with travellers lucrative targets for criminals

Australian travellers are being left out of pocket and fearful their personal data has been stolen amid growing concerns over the security of online … [...]

Australia warns of ClickFix attacks pushing Vidar Stealer malware
Australia warns of ClickFix attacks pushing Vidar Stealer malware

The Australian Cyber Security Center (ACSC) is warning organizations of an ongoing malware campaign using the ClickFix social engineering technique … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading