Privacy Commissioner probes Fairfax hack

Powered by SC Magazine
 

Investigation launched into security and privacy compliance.

The Office of the Australian Information Commissioner has opened an investigation into the breach of two Fairfax microsites to probe whether sufficient security mechanisms were in place during the attacks.

Privacy Commissioner Timothy Pilgrim said the office would also investigate whether the web sites complied with the Privacy Act.

“I have opened an investigation into allegations that the Herald Education website may have been subject to hacking, compromising the personal information of some subscribers,” Pilgrim said.

“My investigation will be looking at the site’s compliance with the Privacy Act and in particular whether appropriate data security practices were in place at the time of the alleged hack.

Fairfax confirmed that two of its microsites were hacked but said up to 10,000 unencrypted credit card details compromised in the same attack were not linked to Fairfax customers.

Hackers revealed to SC Magazine how they managed to exploit vulnerabilities in two third party-hosted web sites, Herald Education and Young Writer.

SC Magazine informed Fairfax of the vulnerabilities as part of responsible information security disclosure. The sites have been taken offline in response.

“I strongly encourage businesses to make the security of their customer’s personal information a top priority, particularly in the light of an increased number of similar security breaches in 2011,” Pilgrim said.

Copyright © SC Magazine, Australia


Privacy Commissioner probes Fairfax hack
 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 815

Vote