Legal help for data breach compensation claims

Cloud storage error compromises almost 50,000 records belonging to government and major company employees

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

Australia was recently hit by a huge data breach when a misconfiguration of a cloud storage system reportedly compromised some 50,000 employee records.

This is thought to be the second largest data breach in Australian history.

A number of employee records were compromised for several government departments, including 3,000 from the Department of Finance; 1,470 from the Australian Electoral Commission; and 300 from the National Disability Insurance Agency.

The following companies were reportedly affected:

  • 25,000 from AMP Limited: a major Australian financial services company
  • 17,000 from UGL: a utilities and construction company
  • 1,500 from Rabobank

A third party contractor was apparently configuring an Amazon three bucket – a common form of cloud storage for masses of data – when they made the error of leaving the records openly accessible.

The type of information compromised may also be a cause for great concern, as it comprised of:

  • Full names
  • Phone numbers
  • Email addresses
  • Credit card numbers
  • ID’s
  • Passwords
  • Staff salaries
  • Staff expenses

This type of information could leave victims open to fraud. Confidential information like this should only be accessed and used by appropriate persons, and should not be placed on the internet for anyone to see and misuse.

Polish researcher, Wojiech, reportedly discovered the breach, but noted that most of the credit card numbers were already cancelled or out-of-date. However, cyber criminals could still use this information to cause damage.

Australia’s Prime Minister and Cabinet members said they were first made aware of the breach in early October 2017, and the Australian Cyber Security Centre were informed and instructed to, “secure the information and remove the vulnerability”.

In early November, the Victorian Electoral Commission admitted that they had accidentally published personal data belonging to 21,000 Melbourne residents and 28 silent electors online. The information was gathered for a local council election over ten years ago in 2005, but was accidentally uploaded by the Proportional Representation Society of Australia.

The information was easily found through a search engine.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Author on February 16, 2018
Posted in the following categories: Latest and tagged with |


The Swedish data breach attack and fraud trial
ICO issues True Telecom fine of £85,000.00 and an enforcement notice for nuisance calls