Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Red Cross Blood Service’s Website Partner Inadvertently Leak Database Following Data Hack


The Australian Red Cross Blood Service along with the contractor of its website recently got saved from paying fines to the nation's privacy watchdog after certain data breach of 2016 leaked a database related to 550K donors.

During the month of October 2016, the Blood Service declared that Precedent its website associate by mistake leaked one database backup of 1.74GB size consisting of 1.28m records which donors submitted during the process of appointment booking.

An employee of Precedent who was given the job of honing functionality of the Blood Donate website of the Blood Service inadvertently saved one backup of UAT (user acceptance testing) data of the website to one freely obtainable web-server supporting the UAT databases.

There was information belonging to 550,000 would be donors in the database who had submitted their names for blood donation for the period 2010 to September 5, 2016. Arnnet.com.au posted this, August 7, 2017.

Almost 12 months following the breach, Timothy Pilgrim the Australian Information and Privacy Commissioner reached the conclusion of his investigation that he was certain about commitment by Australian Red Cross Blood Service towards maintaining its database related to personal information safe and secured.

When the breach occurred, potential donors' information stayed on the Blood Donate site's back-end and also got moved onto the Blood Service's server.

The Commissioner's probe found that one database consisting of info on about 500,000 would be blood donors had been uploaded onto one freely accessible web-server which Precedent Communications, name of one 3rd party provider managed.

It's reported that with the back-up it could've been possible to restore data if database upgrades or development work was erroneous. Although the employee's intention was for saving the database in a secure place, however, he mistakenly saved it on one freely obtainable web-server that implemented the UAT element.

Indeed, law is only for incidents related to payment card information, personal information, tax file serial details, and credit eligibility which would put people in true danger of severe harm.

Following the way Precedent is enforcing the proposed measures for honing its personal databases' security, Mr. Pilgrim regards this as the investigation's most suitable conclusion.

» SPAMfighter News - 11-08-2017

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next