Australian Information Security Incident Reported: August 15 2019
Sensitive personal data of hundreds of visa applicants accidentally leaked in email mishap
The personal health information of 317 people applying for Australian visas was accidentally emailed to a member of the general public, an ABC investigation has revealed.
Reported in: ABC News (Australia)
The security bungle occurred when a spreadsheet was sent by mistake to an unknown individual’s email address, because of a typo.
The privacy breach, which happened in 2015, occurred under the watch of Australia’s largest health insurance company, Bupa, and one of its subcontractors, Sonic HealthPlus (SHP).
Documents obtained under a Freedom of Information request by the ABC reveal that in August 2015, an SHP employee accidentally sent the names, dates of birth, and passport numbers of 317 people, along with “brief notes, summaries and comments about the status of the medical tests being conducted” to an unknown Gmail address.