Search

Sensitive addresses among more than 500,000 leaked from NSW Government database - 9News

New South Wales Premier Dominic Perrottet has admitted the leak of more than 500,000 addresses, including Defence sites, a missile maintenance unit and domestic violence shelters through a government website "shouldn't have happened".

The hundreds of thousands of locations were collected by the NSW Customer Services Department through its QR code registration system and made public through a government website.

The locations, seen in a dataset obtained by 9News, were businesses or organisations which registered as wanting to comply by COVID-Safe directions.

The hundreds of thousands of locations were collected by the NSW Customer Services Department through its QR code registration system.
The hundreds of thousands of locations were collected by the NSW Customer Services Department through its QR code registration system. (9News)

"If there has been, as it appears on its face, to have been a significant breach, then relevant state government department must be prosecuted," civil libertarian Terry O'Gorman said.

The addresses of dozens of shelters and crisis accommodation centres for women across NSW were also made public, leading to one victims' support advocate claiming "it could be a matter of life and death".

"If government is really sharing information like this, it can have serious consequences," Hayley Foster, the chief executive officer of Women's Safety NSW, said.

The list also included correctional facilities and critical infrastructure networks, including power stations and tunnel entry sites.

New South Wales Premier Dominic Perrottet has admitted the leak of more than 500,000 addresses.
New South Wales Premier Dominic Perrottet has admitted the leak of more than 500,000 addresses. (9News)

Locations in Western Australia, Queensland, Victoria, South Australia and the ACT were also included in the NSW database.

The NSW Government said it referred the matter to the Privacy Commissioner in October last year and was told "the incident did not constitute a privacy breach".

Mr Perrottet said he was advised of "an issue" this morning and said information had been "uploaded in error".

Locations in Western Australia, Queensland, Victoria, South Australia and the ACT were also included in the NSW database.
Locations in Western Australia, Queensland, Victoria, South Australia and the ACT were also included in the NSW database. (9News)

"That was worked through Privacy Commissioner. My understanding is they were satisfied that the matter was resolved and that information was taken down. It shouldn't have happened," Mr Perrottet said.

The NSW Department of Customer services said it classed less than one per cent of the 566,318 locations as sensitive.

"These businesses were all contacted by telephone and letter. No issues of concern were raised by any recipients," a department spokesperson said.

A notice on the NSW data website dated October 12, 2021 says: "The COVID Safe Businesses and Organisations dataset has been discontinued. We have identified issues with integrity of the data".

But neither the department nor the government explained what the "integrity" issue was.

Today, a department spokesperson said it "considers the security and privacy of customer information its highest priority".

Registration as a COVID-Safe business was open to all businesses, including those in other states and territories which had interests in NSW.

Whistleblower Skeeve Stevens, a technology specialist in the security and intelligence space, identified the publicly available data in September and said he alerted cyber experts, who in turn raised the alarm with the NSW Government.

"If the wrong people got hold of this it could've been used for bad things," Mr Stevens said.

"Some of the scary things we were searching - firearms, armoury, federal police and where storage locations were - perhaps someone should've thought about what should and shouldn't have been disclosed."

Mr O'Gorman questioned the need for the public database.

"Why did they make this information available in the first place? It just boggles the mind as to why there's even a necessity to publish this sort of information," he said.

The department spokesperson said: "The list of COVID-Safe businesses was publicly available online to ensure customers could plan activities while remaining COVID-Safe.

"Those registering were advised the Department of Customer Service may share de-identified information for research and statistical purposes."

Adblock test (Why?)


https://news.google.com/__i/rss/rd/articles/CBMijwFodHRwczovL3d3dy45bmV3cy5jb20uYXUvbmF0aW9uYWwvbnN3LW5ld3MtZGF0YS1sZWFrLXNob3VsZG50LWhhdmUtaGFwcGVuZWQtcHJlbWllci1kb21pbmljLXBlcnJvdHRldC1zYXlzLzE1ZmZiZWFjLTFhMzctNDgwMy05ZmZlLTRlNmY0MTllMjRlYtIBAA?oc=5

2022-02-14 08:34:47Z
CAIiEEyreWIQumKYWtrH-ZE7FhAqGQgEKhAIACoHCAowpLPzCjDR6IMDMOKTxwY

Bagikan Berita Ini

0 Response to "Sensitive addresses among more than 500,000 leaked from NSW Government database - 9News"

Post a Comment

Powered by Blogger.