500K Addresses Exposed After QR Registration Bungle: Defense Sites, Domestic Violence Shelters, and a Missile Maintenance Unit Compromised

Just recently, half a million addresses were exposed due to an NSW Government QR code bungle. To make matters more concerning, the addresses include those coming from domestic violence shelters, defense sites, and even a maintenance unit for missiles.

NSW Customer Services Department Collected Hundreds of Thousands of Addresses

According to the story by news.com.au, the NSW Customer Services Department collected hundreds of thousands of individuals' locations through the standard QR code registration system. Registration is reportedly necessary in order to "comply with Covid-Safe directions."

As per a report by 9News, the data was "accidentally made public through a government website." To add, the Privacy Commissioner was being referred to by the NSW Government as per their statement to the network in October 2021.

The Situation was Referred to as Being 'Uploaded in Error'

The NSW Government also noted that the incident reportedly "did not constitute a privacy breach." In addition, the situation was referred to as being "uploaded in error" by Premier Dominic Perrottet.

As per Perrottet's statement to 9News, his understanding is that "they were satisfied that the matter was resolved" and that the exposed information was then taken down. To add, Perrottet also noted that the situation "shouldn't have happened.

'Covid Safe Businesses and Organizations Dataset has been Discontinued'

Queensland, South Australia, Victoria, West Australia, and the ACT were involved in the exposure and were classified as sensitive. This resulted in less than one percent of the 566,318 as per the NSW Department of Customer Services.

A notice saying the "Covid Safe Businesses and Organizations dataset has been discontinued" was initially noticed on the official NSW data website with a date of October 12, 2021. They also added that issues were identified regarding the "integrity of the data."

Customer Information Security and Privacy Reportedly Considered the 'Highest Priority'

No explanation regarding the details of the "integrity" issue was explained, but a department spokesperson gave a statement to 9News saying customer information security and privacy is considered the department's "highest priority."

The list of Covid-Safe businesses was made available online publicly in order to make sure that customers would be able to plan activities "while remaining Covid-Safe" as per the spokesperson when addressing "why there was a need for the public database."

Read Also: Hacking Group 'Team Xecutor' Leader Gary Bowser Sentenced to 40 Months in Jail with a $14M Fine After Providing Software for Pirated Switch Games

Technology Specialist Shared Potential Danger of the Publicly Available Data

Skeeve Stevens, a security and intelligence space technology specialist, gave a statement to the network noting that he had identified the publicly available data back in September. Upon finding the data, Stevens reportedly alerted cyber experts, which then led to the NSW Government being alarmed of the situation.

Stevens noted that the data could be "used for bad things" should wrong people have access to it. Stevens noted that locations of firearms, federal police, armory, and storage locations were shown and that there should have been some thought regarding "what should and shouldn't have been disclosed.

Related Article: 16-Year-Old Minecraft Gamer Sentenced to 5 Years in Prison After Planning to Blow Up Virtual Russian Intelligence Agency, the FSB

This article is owned by Tech Times

Written by Urian B.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics