AU: Blood Service escapes penalties in data breach investigation
Allie Coyne reports:
The Australian Red Cross Blood Service and its website contractor have escaped penalties from the country’s privacy watchdog over a 2016 data breach that exposed the data of 550,000 donors.
In late October last year the Blood Service revealed its website partner Precedent had inadvertently exposed a 1.74GB database backup containing 1.28 million records entered by donors as part of the appointment booking process.
A Precedent employee tasked with enhancing a feature on the Blood Service’s Donate Blood site accidently saved a backup of the site’s user acceptance testing (UAT) database to a publicly accessible portion of the web server that hosted the UAT environment.
Read more on IT News.