Incident: Portal flaw leads to some NDIS users losing money | iTWire

Posted by Steven Kirby | Sep 11, 2018 | Australia, Australian InfoSec Incident, Australian InfoSec Incidents 2018, CyberCrime, Federal Government, iTWire, Medical and Health Care | 0 |

Australian Information Security Incident Reported: September 11 2018

A vulnerability in the service portal for the National Disability Insurance Scheme has allowed a number of providers to obtain personally identifiable information of users and steal money.

The flaw allowed any user or registered provider to gain access to random support pages for users by guessing a nine-digit plan number. Companies could then bill these users and receive payment right away.

In a statement, the National Disability Insurance Agency, the organisation running the scheme, said its Fraud Taskforce had identified “a small number of providers who may be seeking to exploit the NDIS”.

Source: iTWire – Portal flaw leads to some NDIS users losing money

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Incident: Tasmanians affected by security breach of third-party file transfer service | ABC News (Australia)
by Steven Kirby on April 2, 2023
Australian State Government Data Breach, 31 March 2023 Tasmanians affected by security breach of third-party file transfer service Tasmanian government …
Incident: ID, bank details, contact information at risk as cyber criminals hack PH Property Bendigo real estate agency | ABC News (Australia)
by Steven Kirby on April 2, 2023
Australian Property Group Data Breach, 30 March 2023 ID, bank details, contact information at risk as cyber criminals hack PH Property Bendigo real …
Calls to tighten AUKUS cyber security
by Sky News Australia on April 2, 2023
Top cyber security experts are calling on the Australian government to drastically increase the country's cyber security defences.Industry leaders are warnin...
Cyber criminals quick to ‘exploit vulnerabilities’ in companies
by Sky News Australia on April 2, 2023
Blackberry’s Sales Engineering APJ Director Jonathan Jackson says cyber criminals are incredibly quick and adept at being able to “exploit vulnerabilities”. ...
Alarming new ways criminals are now targeting Australians | 9 News Australia
by 9 News Australia on April 2, 2023
Cyber criminals are developing new ways to scam innocent individuals and businesses with NAB reporting a 38 per cent increase in scams reported to them this ...
Latitude Financial Confirms 7.9M Driver Licence Numbers Were Stolen In Cyber Hack l 10 News First
by 10 News First on April 2, 2023
Latitude Financial has confirmed that 7.9 million Australian and New Zealand customers had their driver license’s numbers stolen during the major cyber hack ...
‘Who can you trust anymore?’: Andrew Bolt reveals scam that cost him thousands
by Sky News Australia on April 2, 2023
Sky News host Andrew Bolt has revealed the scam that cost him thousands as he questions whether banks are doing enough to protect their customers from fraudu...
‘Aussies data is safe’: Head of TikTok Australia defends user data protection
on April 2, 2023
‘Aussies data is safe’: Head of TikTok Australia defends user data protection Sky News Australia See more videos SHARE SHARE TWEET SHARE EMAIL What to …
Incident: Crown Resorts investigating potential data breach after being contacted by hacking group | ABC News (Australia)
by Steven Kirby on March 30, 2023
Australian Cyber Security Incident, 27 March 2023 Crown Resorts investigating potential data breach after being contacted by hacking group The hackers …
Crown Resorts investigating potential global data breach | 9 News Australia
by 9 News Australia on March 30, 2023
Crown Resorts becomes the latest organisation to be caught up in a global data breach, claiming they are now investigating after it was contacted by a group ...

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

Featured

Incident: Tasmanians affected by security breach of third-party file transfer service | ABC News (Australia)

Featured

Incident: ID, bank details, contact information at risk as cyber criminals hack PH Property Bendigo real estate agency | ABC News (Australia)

Incident: Hotel and property giant Meriton hit by data hack, personal documents may be at risk | ABC News (Australia)

Incident: Superannuation fund NGS Super hit by cyber attack, 'limited data' taken from its system | ABC News (Australia)

Incident: Crown Resorts investigating potential data breach after being contacted by hacking group | ABC News (Australia)

Featured

Audit: Western Australia Auditor General's Local Government Financial Audit 2020-21 reports 358 information system control weaknesses

Featured

Audit: WA Auditor General tables the 2021 Financial Audit Results for Universities and TAFEs

Audit: Vic privacy watchdog uncovers third-party infosec risks at four agencies | iTnews

Audit: West Australian Local Government Information Systems Audit Report "a significant area of concern"

Audit: Queensland Audit Office Education 2021 Report finds "all need to strengthen their security"

Featured

Quote: Kirsten Manthorne "You are an essential ingredient in our ongoing effort to reduce Security Risk.”

Featured

Quote: H. Stanley Judd "The ultimate security is your understanding of reality."

Quote: Gilda Radner "There is no real security except for whatever you ..."

Quote: Germaine Greer "Security is when everything is settled, when nothing ..."

Quote: Chinese proverb "When planning for a year, plant corn. When planning for a ..."

Incident: Portal flaw leads to some NDIS users losing money | iTWire