Select Page

Incident: Portal flaw leads to some NDIS users losing money | iTWire

Incident: Portal flaw leads to some NDIS users losing money | iTWire

Australian Information Security Incident Reported: September 11 2018

A vulnerability in the service portal for the National Disability Insurance Scheme has allowed a number of providers to obtain personally identifiable information of users and steal money.

The flaw allowed any user or registered provider to gain access to random support pages for users by guessing a nine-digit plan number. Companies could then bill these users and receive payment right away.

In a statement, the National Disability Insurance Agency, the organisation running the scheme, said its Fraud Taskforce had identified “a small number of providers who may be seeking to exploit the NDIS”.

Source: iTWire – Portal flaw leads to some NDIS users losing money

About The Author

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Receive Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

* indicates required


Australian Cyber YouTube

Shares
Share This