AU: Blood Service escapes penalties in data breach investigation

Allie Coyne reports:

The Australian Red Cross Blood Service and its website contractor have escaped penalties from the country’s privacy watchdog over a 2016 data breach that exposed the data of 550,000 donors.

In late October last year the Blood Service revealed its website partner Precedent had inadvertently exposed a 1.74GB database backup containing 1.28 million records entered by donors as part of the appointment booking process.

A Precedent employee tasked with enhancing a feature on the Blood Service’s Donate Blood site accidently saved a backup of the site’s user acceptance testing (UAT) database to a publicly accessible portion of the web server that hosted the UAT environment.

Read more on IT News.

About the author: Dissent

Comments are closed.