
Incident: Bug briefly exposed Service NSW data to other users | iTnews

Australian State Government Cyber Incident, 04 April 2023
Bug briefly exposed Service NSW data to other users
‘technical issue’ may have exposed data of 3700 customers
Source: Incident: Bug briefly exposed Service NSW data to other users | iTnews
View more incidents from Service NSW sector and other incidents from New South Wales.

Service NSW has apologised for a software bug that briefly allowed users to view each others’ information on the “My services” dashboard.
The agency said it believed the personal information available during the 94-minute window was not searchable and was isolated to the website.
Personal data – including driver’s licences, their children’s names and mobile phone numbers – may have been ‘exposed’
Service NSW said the issue may have impacted 3700 users, before the dashboard page was taken down.
“Service NSW can confirm the incident was not a cyber attack”, the spokesperson said.
Affected customers and the NSW Information and Privacy Commission were notified on the day of the incident, the spokesperson said.