Australian Detailed Privacy Breach: September 25 2020

Scouts Victoria data breach potentially nets 900 people’s personal details

Including bank details, birth certificates and court orders.

Company Statement: Scouts Victoria Notification: Data security incident 24-09-2020
Source: Scouts Victoria data breach potentially nets 900 people’s personal details | iTnews
More reports from: iTnews.

Scouts Victoria has notified approximately 900 individuals whose personal details may have been accessed by third parties when staff email inboxes were breached.

In late July and early August of this year, we identified unauthorised activity where third parties gained access to staff email inboxes, most likely using scamming techniques commonly known as ‘phishing’.

The investigation found that correspondence relating to a number of individuals associated with Scouts Victoria is among the data potentially accessed by unauthorised third parties. We have contacted individuals who we know may have been directly affected by this incident and will continue to work with them to address their concerns.

The data that they saw relating to individuals included:

  • First name
  • Last name
  • Phone number
  • Email address
  • Residential address
  • Date of Birth (DOB)
  • Credit card information (full)
  • Credit card information (partial)
  • Tax File Number (TFN)
  • Bank details (BSB and account number)
  • Bank card
  • Driver’s licence
  • Passport
  • Other government-issued ID (i.e. Photo card)
  • Working with children card
  • Birth certificate
  • Australian Electoral Commission information
  • Medicare card
  • Password
  • Signatures (handwritten)
  • Sensitive criminal history information
  • Scouts membership number
  • Court orders (including pertaining to parenting)