As reported by the Australian Computer Society (ACS) an anonymous group of offshore subcontractors are alleging to have gained access to sensitive private Australian information and are also alleging a pay dispute with the IT contracting firm that provides IT services to ClubsNSW.
It’s alleged this information includes biometrics, facial recognition, driver’s license details and the slot machine usage of club patrons. It’s also been alleged that the sensitive information has been potentially leaked on to a website that provides a search function for users to check if their personal information has been compromised
The IT contracting firm involved has advised that the potential breach is currently under investigation.
While considering that this breach is currently under investigation, it serves a reminder for businesses and organizations to properly encrypt sensitive Australian data. Businesses that subscribe to Microsoft already have some encryption options available to them generally at no additional cost, such as Microsoft’s encrypted file system (EFS) for one excample.
If consumer data is encrypted, it will only be visible on computer systems that have access to the encryption key, this mitigates the potential risk of data exfiltration.
Concerned businesses can be assured that independent Australian based ICT technicians such as Shane from Shanes Computing and Networking do have the skills to properly implement and verify high level encryption standards. Shane is a professional who is insured with current police background checks. Shane will never release consumer data online, even during a pay dispute. Shane sees this kind of action as an unethical betrayal to the Australian people.
The legitimacy of the ClubNSW data breach claim is still being investigated.