iTnews
  • Home
  • News
  • Technology
  • Security

First data breach publicised under Australian notice scheme

By Staff Writers on Mar 16, 2018 8:14AM
First data breach publicised under Australian notice scheme

Svizter reveals email leak.

Shipping company Svizter Australia has revealed a data breach that saw the personal information of half of its employees leaked outside the company.

Yesterday it revealed that up to 60,000 emails from three accounts in finance, payroll and operations were secretly auto-forwarded to two external accounts between May 27 2017 and March 1 this year.

The forwarding rule was detected after the emails began to bounce back. 

The emails contained information on employees including tax file numbers, next of kin details, and superannuation account information, as first reported by the ABC.

It impacted more than 400 employees at the shipping company, which has a workforce of around 1000. Svitzer notified affected workers yesterday.

The company said it stopped the auto-forwarding after becoming aware of the issue on March 1.

It is undertaking a review to determine the extent of the theft and the identity of the perpetrator.

“This is a reminder of the constant threat individuals and businesses alike face,’’ Svizter Australia managing director Steffen Risager said in a statement.

“The nature of cybercrime means while we can get it right a thousand times, the perpetrator only needs to get it right once. We will learn from this experience.”

It notified the Office of the Australian Information Commissioner of the breach as per the country's new notifications scheme, which came into effect on February 22.

The breach is the first to be made public since the scheme came into force last month.

However, the OAIC said it has received 31 notifications in the first three weeks of the scheme being in operation.

It will release information on the notices it receives each quarter. The first publication of breach notices is expected in early April.

An OAIC spokesperson said the office would assess the information provided by Svizter and decide whether any further action was required.

It noted that the primary point of the new mandatory breach notification scheme was to ensure affected individuals were notified of a breach of their personal information.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
breachsecuritysvitzer

Partner Content

How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage
Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Promoted Content Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
  • Forrester Technology & Innovation Asia Pacific 2022
By Staff Writers
Mar 16 2018
8:14AM
0 Comments

Related Articles

  • Carnival fined US$5m for cyber security violations
  • Law firm mulls class action over NDIS software provider data breach
  • NDIS case management system provider breached
  • India mandates data breach notification within six hours
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

PayTo rollout kicks off

PayTo rollout kicks off

Australia scraps digital passenger cards for international arrivals

Australia scraps digital passenger cards for international arrivals

Neobank Volt exits the banking industry

Neobank Volt exits the banking industry

Optus brands Telstra-TPG deal 'uniquely one-sided'

Optus brands Telstra-TPG deal 'uniquely one-sided'

Digital Nation

Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Personalisation strategies need to be built from the ground up
Personalisation strategies need to be built from the ground up
Case Study: EY invests in AI to improve approach to flexible working
Case Study: EY invests in AI to improve approach to flexible working
Case study: AFL kicks goals with its new digital platform
Case study: AFL kicks goals with its new digital platform
Case Study: Multicloud business drivers at MLC Life Insurance
Case Study: Multicloud business drivers at MLC Life Insurance
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.