Incident: Misconfigured UTAS SharePoint site exposed 20,000 students’ details | iTnews

Posted by Steven Kirby | Sep 21, 2020 | 09 Access Control, Australian InfoSec Incidents 2020, Confidentiality, Configuration, Education and Training, iTnews, Privacy Breach, Tasmania | 0 |

Australian Privacy Exposure: September 21 2020

Misconfigured UTAS SharePoint site exposed 20,000 students’ details

Security settings allowed broad access to files.

University Statement: University of Tasmania Vice Chancellor’s Statement
Source: Misconfigured UTAS SharePoint site exposed 20,000 students’ details | iTnews
More reports from: iTnews.

The University of Tasmania has had to contact almost 20,000 students after their personal information was accidentally made accessible to all users with a UTAS email address.

The data that became accessible due to the breach varied for individual students but could have included birth dates as well as whether the student had a disability or identified as indigenous.

UTAS said the misconfiguration was active – and the files broadly accessible to anyone with a utas.gov.au email address – “from February 27 to August 11” of this year.

“The data, which is used to inform the ways the University supports students in their studies, contained personally identifiable information of 19,900 students,” it said.

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Greens push to legislate the ‘right to log off’ from work
by Justin Hendry Editor on March 21, 2023
The Greens are leading a push to allow workers to ignore emails, calls and texts outside of working hours, introducing legislation that would see …
Skin cancer survey hack may have 'compromised' personal details, Medicare numbers of participants
by By national technology reporter Danny Tran on March 21, 2023
Australia's biggest skin cancer study has been hit by an unpublicised data breach, with the personal details of more than 1,000 people feared to have …
ASX 200 stock IPH sinks 12% following cyber attack update
by Monica O'Shea on March 21, 2023
ASX 200 stock IPH sinks 12% following cyber attack update ASX 200 stock IPH sinks 12% following cyber attack update ASX 200 stock IPH Ltd (ASX: IPH) is …
Home Affairs' Marc Ablong destined for new national security role
by Ry Crozier on March 21, 2023
Home Affairs’ deputy secretary for strategic iniatives Marc Ablong is set to shift to a new “national security role”, prompting a reshuffle that also …
Business needs single cyber incident report portal: Productivity Commission
by Richard Chirgwin on March 20, 2023
The Productivity Commission has urged the government to give business a single cyber incident reporting portal to simplify the burden of a growing …
Impact of Latitude Financial cyber attack likely to spread
by Richard Chirgwin on March 20, 2023
Latitude Financial has warned that the number of customers affected by an ongoing cyber attack could continue to rise. The company said [pdf] it has …
Latitude Financial, skin cancer survey hack are some of the latest cyber attacks. What to do if you think you're at risk
by ABC News on March 20, 2023
There's been two more major data breaches from cyber hacks. Last week, it was Latitude Financial, in one of the first major hacks on a financial …
Skin cancer survey hack may have 'compromised' personal details | ABC News
by ABC News (Australia) on March 20, 2023
Australia's biggest skin cancer study has been hit by an unpublicised data breach. The ABC can reveal that cyber criminals broke into servers holding highly ...
VIDEO: Australia's largest skin cancer study hit by data breach
on March 20, 2023
Space to play or pause, M to mute, left and right arrows to seek, up and down arrows for volume. Duration: 3 minutes 25 seconds3m25s
Medical research institute suffered November data breach
by Richard Chirgwin on March 20, 2023
The QIMR Berghofer Medical Research Institute has disclosed a November data breach that affected more than 1000 individuals. The breach was first …

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

Featured

Incident: Frontier Software breach spreads to NSW Health | iTnews

Featured

Incident: ANZ bank apologises after customers' personal information found in Perth skip bin | ABC News (Australia)

Incident: The Good Guys customers possibly affected by data breach at former third-party provider My Rewards | ABC News (Australia)

Incident: Black and White Cabs booking service offline after cyber attack | ABC News (Australia)

Incident: Fire Rescue Victoria investigating security incident | iTnews

Featured

Audit: Western Australia Auditor General's Local Government Financial Audit 2020-21 reports 358 information system control weaknesses

Featured

Audit: WA Auditor General tables the 2021 Financial Audit Results for Universities and TAFEs

Audit: Vic privacy watchdog uncovers third-party infosec risks at four agencies | iTnews

Audit: West Australian Local Government Information Systems Audit Report "a significant area of concern"

Audit: Queensland Audit Office Education 2021 Report finds "all need to strengthen their security"

Featured

Quote: H. Stanley Judd "The ultimate security is your understanding of reality."

Featured

Quote: Gilda Radner "There is no real security except for whatever you ..."

Quote: Germaine Greer "Security is when everything is settled, when nothing ..."

Quote: Chinese proverb "When planning for a year, plant corn. When planning for a ..."

Quote: Anthony T. Hincks "Security just doesn't start ..."

Incident: Misconfigured UTAS SharePoint site exposed 20,000 students’ details | iTnews

Misconfigured UTAS SharePoint site exposed 20,000 students’ details

Security settings allowed broad access to files.