iTnews

City of Port Phillip leaks personal details in data.gov.au blunder

By Justin Hendry on Oct 29, 2020 12:29PM
City of Port Phillip leaks personal details in data.gov.au blunder

Incorrect graffiti reporter dataset online for seven months.

An unknown number of residents who reported graffiti to a Melbourne-based council have had their personal information inadvertently published on the federal government’s open data portal.

The City of Port Phillip council revealed the data breach on Wednesday, saying that names, phone numbers and email addresses were disclosed in its graffiti management dataset on data.gov.au.

Property addresses “used to identify the location of the graffiti” were also accidently release “in some instances”, which the council said “may link the person reporting the graffiti to that address”.

The data was publicly accessible on data.gov.au - which contains more than 30,000 anonymised datasets - for seven months before it was taken down at the beginning of October.

“Council became aware of the breach on 5 October 2020 and in response conducted an internal investigation,” the council said.

“It was determined that the data breach started in March 2020.

“The dataset was immediately suspended from the data.gov.au website at 8.45 am on 5 October 2020, to prevent any further views/downloads.

“Council has endeavoured to directly contact any persons affected by this breach via email.”

A spokesperson told iTnews that "approximately 764 email addresses and 859 phone numbers were published", of which "53 percent of email addresses belonged to businesses and 28 percent of phone numbers were for landlines or 1300 numbers".

“For transparency, and because we take the protection of personal information very seriously, we reported all of these to the Office of the Victorian Information Commissioner,” the spokesperson added.

The council said the incorrect dataset was selected “during work to automate the generation of the graffiti dataset” and then accidentally approved for publication on data.gov.au.

“As the data was open to the public, Council is not able to confirm who has accessed the data,” it added.

As a result of the accidental disclosure, the council said it had updated the process for publishing open data, and now included a “peer review and sign-off prior to publishing”.

It has also updated “automated generation of data”, so to include only “information that relates to the location of graffiti (street number, street name, suburb, postcode and date submitted)”.

“Council sincerely apologises for the disclosure of personal information and for any distress and inconvenience this may cause,” it said.

“Council regards the protection of personal information to be of great importance and makes every effort to safeguard personal information under its control.

“Council assures that this breach is being appropriately addressed by the organisation, and all endeavours will be undertaken to ensure that future breaches of this nature do not occur.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
city of port phillip council council data data breach datagovau governmentit local government open data security

Partner Content

MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
Partner Content MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
MSI launches innovative new laptops
Partner Content MSI launches innovative new laptops
Improving returns from SD-WAN spending
Sponsored Content Improving returns from SD-WAN spending
NCS expands into Australia in partnership with Optus Enterprise
Sponsored Content NCS expands into Australia in partnership with Optus Enterprise

Sponsored Whitepapers

The risky business of open source
The risky business of open source
Mitigating open source risk in your organisation
Mitigating open source risk in your organisation
How to choose a WAF that's right for you
How to choose a WAF that's right for you
The global telco 5G cloud gaming opportunity
The global telco 5G cloud gaming opportunity
Building a ransomware remediation backup strategy
Building a ransomware remediation backup strategy

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
By Justin Hendry
Oct 29 2020
12:29PM
0 Comments

Related Articles

  • Govt's public sector data sharing bill enters parliament
  • COVIDSafe data 'incidentally' collected by intelligence agencies in first six months
  • NSW govt requests to privacy watchdog climb 171 percent
  • NSW govt blasted for failing councils on cyber security
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Update Chrome or risk remote takeover, US govt warns

Update Chrome or risk remote takeover, US govt warns

Telstra pilots its first neurodiversity recruitment program

Telstra pilots its first neurodiversity recruitment program

Google unravels state-of-art Android and Windows exploit chains

Google unravels state-of-art Android and Windows exploit chains

Accellion hack behind Reserve Bank of NZ data breach

Accellion hack behind Reserve Bank of NZ data breach

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.