Australian State Government Cyber Incident, 04 April 2023

Bug briefly exposed Service NSW data to other users

‘technical issue’ may have exposed data of 3700 customers

Source: Incident: Bug briefly exposed Service NSW data to other users | iTnews

View more incidents from Service NSW sector and other incidents from New South Wales.

Service NSW has apologised for a software bug that briefly allowed users to view each others’ information on the “My services” dashboard.

The agency said it believed the personal information available during the 94-minute window was not searchable and was isolated to the website.

Personal data – including driver’s licences, their children’s names and mobile phone numbers – may have been ‘exposed’

Service NSW said the issue may have impacted 3700 users, before the dashboard page was taken down.

“Service NSW can confirm the incident was not a cyber attack”, the spokesperson said.

Affected customers and the NSW Information and Privacy Commission were notified on the day of the incident, the spokesperson said.