Incident: Thousands of Australian medical histories exposed in data breach | SMH

Incident: Thousands of Australian medical histories exposed in data breach | SMH

Australian Information Security Incident Reported: August 07 2019

Thousands of Australian medical histories exposed in data breach

UpGuard uncovered Neoclinical’s unsecured database on the internet

Reported in: SMH

Tens of thousands of Australians have had their medical histories and other private information exposed in a large data breach of a company that enabled them to participate in paid clinical trials.

The database belonging to Neoclinical exposed approximately 37,000 people’s contact information and their responses to personal medical questions qualifying them for clinical trials, which included information about diagnoses, illicit drug use and treatments.

Source: Thousands of medical histories exposed in data breach

Incident: NAB reveals 13,000-person data breach at 6PM Friday | iTnews

Incident: NAB reveals 13,000-person data breach at 6PM Friday | iTnews

Australian Information Security Incident Reported: July 26  2019

NAB reveals 13,000-person data breach at 6PM Friday

Dataset uploaded to the servers of two service providers. And not burying news, promise.
Reported in: iTnews

NAB disclosed a data breach late Friday after a dataset containing the personal details of approximately 13,000 customers was uploaded to the servers of “two data service companies”.

Chief data officer, Glenda Crisp, said the compromised data “included customer name, date of birth, contact details and in some cases, a government-issued identification number, such as a driver’s licence number.”

Crisp attributed the issue to “human error”.

 

Source: NAB reveals 13,000-person data breach at 6PM Friday
Company Statement: NAB apologises to customers for data breach (inc. Video)
Incident: MYOB in payslip privacy bungle | iTnews

Incident: MYOB in payslip privacy bungle | iTnews

Australian Information Security Incident Reported: July 04  2019

MYOB in payslip privacy bungle

Blamed on cloud system “glitch”.
Reported in: iTnews

“On 28 June we discovered a small number of people received incorrect payment summaries sent between 1 June and midday 28 June 2019,” the MYOB said in a statement.

“Our investigation has since revealed 220 individual payment summaries went to the incorrect person.”

The company said it had called in the ATO and the Office of the Australian Information Commissioner over the breach

Source: MYOB in payslip privacy bungle

ACCC blames premature TPG merger rejection reveal on unpatched CMS | iTnews

ACCC blames premature TPG merger rejection reveal on unpatched CMS | iTnews

Australian Information Security Incident Reported: May 16 2019

The Australian Competition and Consumer Commission (ACCC) has pinned the blame for its embarrassing premature disclosure of the TPG and Vodafone Australia merger rejection on an as yet unspecified glitch in its website content management system, which the regulator says has now been patched.

Source: ACCC blames premature TPG merger rejection reveal on unpatched CMS – Cloud – Security – Software – Telco/ISP – iTnews

Incident: Australian TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids | ThreatPost

Incident: Australian TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids | ThreatPost

Australian Information Security Incident Reported: April 15, 2019

A popular Australian smartwatch’s tracking capabilities expose its user’s locations, personal data and more.

A popular smartwatch that allows parents to track their children’s whereabouts, TicTocTrack, has been discovered to be riddled with security issues that could allow hackers to track and call children.

That means that an attacker who is logged into the service could remotely compromise the app and track other accounts that are based in Australia.

Source: A popular Australian smartwatch’s tracking capabilities expose its user’s locations, personal data and more.

More 2019 Cyber Security Incidents….

Incident:  Bunnings exposed staff performance database | iTnews

Incident: Bunnings exposed staff performance database | iTnews

Australian Information Security Incident Reported: February 06 2019

Bunnings has confirmed it notified the Office of the Australian Information Commissioner of a data breach, after an individual staffer set up an employee performance monitoring database on his home computer and exposed it to the internet.

The database also contained log in credentials for staff and developers, some in plan text, he added.

Furthermore, contact details of 1194 customers were exposed, including email and physical addresses, and phone numbers.

Source: Bunnings exposed staff performance database