Data Integrity at risk in Service NSW: Thousands Affected by Information Leak
It is been revealed on March 20th, that during an update to the NSW Service website, any customer who logged in between 1.20 pm and 2.54 pm had their details exposed to other customers. Forcing the Government to apologise to 3700 Australians who had their information exposed. Customer driver's licenses were exposed, including demerit points, other data exposed included current addresses, phone numbers, emails, vehicle registration details, and also names of children under the care of the exposed customer.
The incident that took place only became known when one of the victims, Richard Nelson, posted an email he received from Services NSW this Monday, with details about the information exposed and if any further steps are required.
Service NSW chief executive officer Greg Wells has ensured that “any risk of harm presented by this incident is very low."
"Unfortunately the update resulted in some customers' information being visible to other customers who were logged in to the website between 1.20 pm and 2.54 pm," Mr. Wells said.
"You may have seen other people’s personal information, or that other people may have seen your personal information in error. The personal information was not searchable.
"I can confirm this was not a cyberattack and Service NSW believes that any risk of harm presented by this incident is very low."
Below is the official email sent to Richard Nelson he provided to ‘The Sydney Morning Herald’:
Your Security is our Priority
Your friendly Support Team
Speak to us about all your computer needs
This is Part of our Cyber Security awareness educational campaign. Through this training, you will learn awareness and key principles, and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.