Select Page

NZ Incident: Data breach after lax New Zealand Transport Agency (NZTA) security | Stuff.co.nz

Posted by | Sep 9, 2019 | , , , , , | 0 |

NZ Incident: Data breach after lax New Zealand Transport Agency (NZTA) security | Stuff.co.nz

Data breach after lax New Zealand Transport Agency (NZTA) security

The NZ Transport Agency admits to a technology botch up leaving what was meant to be a highly secure data key wide open.

The transport agency can confirm the Google API was incorrectly left open as part of the Traffic Watcher pre-production set up.

The key is a unique code used to access data from Google’s application programming interface (API), in this case through 2018 and in early 2019. It was used to build Traffic Watcher, an online tool for transport operations centres, maintenance contractors and the police.

Sources familiar with the system said when Traffic Watcher was soft-launched in early 2019 this unique key was hardcoded into it, so those with simple IT skills could view and copy it. Equipped with that key, it was possible to access other API data with billing passed to NZTA.

Source: Data breach after lax New Zealand Transport Agency (NZTA) security

Rate:

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Related Posts

Incident: Particle accelerator hacked: Boffins’ hashed passwords beamed up | The Register

Incident: Particle accelerator hacked: Boffins’ hashed passwords beamed up | The Register

February 3, 2017

Incident: Details of 6000 supermarket customers at risk after hack | SMH

Incident: Details of 6000 supermarket customers at risk after hack | SMH

May 19, 2018

NZ Incident: New Zealand Reserve Bank urgently responding to ‘illegal data breach’ | SMH

NZ Incident: New Zealand Reserve Bank urgently responding to ‘illegal data breach’ | SMH

January 10, 2021

Incident: TAFE NSW staff details stolen after computer systems allegedly hacked | 9News

Incident: TAFE NSW staff details stolen after computer systems allegedly hacked | 9News

August 8, 2019

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

Alert! Wave of fake toll, parking scams impacting countries worldwide, including Australia and New Zealand
Alert! Wave of fake toll, parking scams impacting countries worldwide, including Australia and New Zealand

Scammers observed impersonating Aussie toll operator Linkt and the New Zealand Police and Ministry of Justice. • Wed, 29 Apr 2026 • … [...]

NZ council cyber attack leads to ID and financial data being exposed
NZ council cyber attack leads to ID and financial data being exposed

A cyber attack impacting a New Zealand city council has compromised the data of hundreds of people. • Wed, 29 Apr 2026 • Security *]:clear-none … [...]

Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group
Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group

Hackers claim to have stolen 441 gigabytes of data, including internal correspondence, driver’s licence scans and revealing Christmas party photos. • … [...]

Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims
Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims

Major Australian ice-cream retailer Gelatissimo has launched an investigation into claims made by hackers that the company was breached in a … [...]

Most Australians leaving data open to cybercriminals
Most Australians leaving data open to cybercriminals

Two-thirds of Australians are sharing key information that makes them easy targets for scammers and cyber criminals. The new research from the Department of Home Affairs also found more than [...]

NSW Treasury staffer charged over major data breach | 7NEWS
NSW Treasury staffer charged over major data breach | 7NEWS

A 45-year-old New South Wales Treasury employee has been arrested and charged with accessing and downloading over 5,500 sensitive government documents containing confidential, commercial and financial information across multiple NSW [...]

Warning Anthropic's Mythos could pose cyber risk to banks and critical infrastructure | The Business
Warning Anthropic's Mythos could pose cyber risk to banks and critical infrastructure | The Business

Australian banks, power providers and infrastructure firms do not have access to test their systems against a powerful new AI cybersecurity risk, Anthropic's Mythos. Anthropic has claimed Claude Mythos is [...]

Australian Army research paper advocates for Australian national cyber reserve force, volunteer cyber organisations
Australian Army research paper advocates for Australian national cyber reserve force, volunteer cyber organisations

A newly published Australian Army Research Centre paper has highlighted the need for Australia to establish an Australian national cyber reserve … [...]

Generation Life informs customers of ‘cyber incident’ as owner shares incident with ASX
Generation Life informs customers of ‘cyber incident’ as owner shares incident with ASX

Australian investment firm Generation Life says there is no evidence of any unauthorised transaction, but is investigating a potential data breach. • … [...]

PAW 2026
PAW 2026

On this page Privacy Awareness Week 2026 Trust is built here. In every privacy complaint. In every resolution. Privacy Awareness Week (PAW) is an annual … [...]

RentTech platforms must stop unfair and excessive personal information collection, says Privacy Commissioner
RentTech platforms must stop unfair and excessive personal information collection, says Privacy Commissioner

A determination issued today by the Privacy Commissioner finds that the 2Apply rental technology platform, operated by InspectRealEstate (IRE), … [...]

Warfare and cyber attacks: Implications for Australian organisations
Warfare and cyber attacks: Implications for Australian organisations

In brief Coordinated cyber-attacks formed an integral part of the lead-up to and the opening phase of the 2026 Iran war, operating in tandem with … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading