Tagged With data breach


Government agencies and organisations that fall under the Privacy Act (we're talking businesses with a turnover of more than $3 million a year) will need to, by law, notify both the privacy commissioner and affected individuals of 'eligible' data breaches.

That's right, the Privacy Amendment (Notifiable Data Breaches) Bill 2016, AKA Mandatory Data Breach Notification finally passed the senate yesterday, and will be in place within the next 12 months.


Remember when thieves took advantage of crappy security on the US IRS' online tax transcript website and stole the personal information of 100,000 people? We already knew that initial number was a lowball, but we didn't know how low -- an IRS audit recently uncovered that over 700,000 people had their accounts breached, and 575,000 others were targeted but not successfully accessed.


We've seen boat loads of personal info dumps online in the last year, but none as bizarre as this: A discovery of personal data from millions of Americans who've voted since 2000, found by a researcher in a sloppily configured database. In other words, it was just hanging out on the web. For unknown reasons. And we have no idea who put it there.