04 Nov Personal Details of 50,000 Australians Leaked by Third Party Contractor
Reports of a data leak involving the personal data of around 50,000 Australian employees have recently surfaced. The breach was said to have been caused by a third party contractor.
According to a polish security researcher who goes by the handle Wojciech, the contractor apparently misconfigured the their Amazon S3 bucket server which left the information completely exposed online. The data contained full names, passwords, IDs, phone numbers, and email addresses, as well as some credit card numbers and details on staff salaries and expenses.
Included in the breach were records from insurer AMP, utility UGL, Rabobank, as well as government agencies such as the Department of Finance, the Australian Electoral Commission, and the National Disability Insurance Agency.