Australian Information Security Incident Reported: September 11 2018
A vulnerability in the service portal for the National Disability Insurance Scheme has allowed a number of providers to obtain personally identifiable information of users and steal money.
The flaw allowed any user or registered provider to gain access to random support pages for users by guessing a nine-digit plan number. Companies could then bill these users and receive payment right away.
In a statement, the National Disability Insurance Agency, the organisation running the scheme, said its Fraud Taskforce had identified “a small number of providers who may be seeking to exploit the NDIS”.
Australian Information Security Incident Reported: August 30 2018
Australian business process outsourcing company Onehalf left medical information for hundreds of individuals and bank account numbers for several large Australian enterprises exposed in a set of unsecured public GitHub repositories, the security firm UpGuard says.
Australian Information Security Incident Reported: June 02 2018
About 10,000 customers of the Commonwealth Bank of Australia, the country’s biggest bank, may have had their personal information compromised due to emails being sent to the cba.com domain, instead of cba.com.au.
The bank said it had confirmed that none of this data had been used and that it was deleted from the cba.com email servers.
“From January 2017, we have been blocking internal emails addressed to the cba.com domain name.”
Australian Information Security Incident Reported: June 01 2018
The face of disgraced American television star Roseanne Barr suddenly appeared in all its glory in the most unlikely of places on Thursday: as a radar image on the website of the Bureau of Meteorology.
But the bureau denied there had been any intrusion into its network. The screenshot was taken at 8.30am AEST on Thursday.