The Australian Human Rights Commission accidentally leaked around 670 documents submitted via webforms, where they were indexed by search engines.
The commission said in a statement that “around 100” of the documents were accessed, most likely via search results.
The breach was uncovered on April 10 and led to the attachment function on the webform being disabled.
Initially the commission suspected that only attachments submitted to support complaints during one month of this year were impacted.
However, upon investigation, it has found attachments to various webforms had been leaked since October 2021.
The webforms were set up for various projects, including awards nominations and “concept papers” where engagement was sought.
“Many of the attachments contain personal information,” the commission said in a notification.
“Some attachments contain no personal information and others contain information that is already publicly available.
“We have taken action to address the disclosure including having relevant documents removed from search engines.
“We have [also] suspended the ability to submit information through webforms on the commission’s website while ensuring there are alternative ways to securely share information.”
The commission said it would notify affected individuals “where we have contact details”.
_(20).jpg&h=140&w=231&c=1&s=0)
_(22).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
