- Twitter suspends Iranian state media outlets for harassing members of a religious minority 3 Years Ago
- Pro-MAGA pageant queen stripped of title over ‘offensive’ tweets Today 11:52 AM
- Marvel unveiled its Phase 4 plans at San Diego Comic-Con Today 9:16 AM
- How a queer Instagram is helping fight the opioid epidemic in Appalachia Today 6:30 AM
- Philadelphia to fire 13 officers for racist, violent Facebook posts Saturday 6:12 PM
- Nick Offerman is so down to play every single role in ‘Cats’ Saturday 4:27 PM
- Woman documents how airport staff broke her wheelchair Saturday 3:04 PM
- Funeral home allegedly posted photos of woman’s dead body on social media Saturday 1:56 PM
- Alinity Divine is being investigated after throwing her cat during stream (updated) Saturday 12:04 PM
- ‘Comedians In Cars Getting Coffee’ returns with Seinfeld making a racist joke about China Saturday 10:26 AM
- YouTubers Eugenia Cooney and Shane Dawson make a joint comeback Saturday 9:06 AM
- The crushing effects of Trump’s abortion ‘gag rule’ on healthcare Saturday 8:00 AM
- How to live stream Pacquiao vs. Thurman Saturday 6:20 AM
- Review: Hulu with Live TV ensures you always have something to watch Saturday 6:00 AM
- How to live stream UFC on ESPN 4: Rafael dos Anjos vs. Leon Edwards Saturday 5:49 AM
It’s the biggest healthcare security breach in Australian history.
The personal information of more than half a million Australian blood donors has been leaked in a serious security breach at the Red Cross.
The hacked file is reportedly a back-up datasheet of submissions to a web-based contact form. Over 550,000 people who donated blood between 2010 and 2016 are on list, which also includes contact numbers and addresses.
The Australian Red Cross Blood Service held a press conference in Melbourne on Friday where chief executive Shelly Park explained the situation:
“We learned that a file, containing donor information, which was located on a development website, was left unsecured by a contracted third party who develops and maintains our website. The issue occurred due to human error. Consequently, this file was accessed by a person outside of our organization.”
The compromised archive file, which was online from Sept. 5 to Oct. 25, also includes the personal health details submitted by each individual into the inquiry form’s blood donor questionnaire. It’s this information that is most sensitive, such as whether the donor engaged in drug use, sex work, or gay sexual activity.
Red Cross was working with the cyber emergency response team and forensics experts at AusCERT to remove all known copies of the file, which was reportedly successful. Now, the forensics experts are attempting to trace who may have accessed and downloaded the archive before the vulnerability was realized. This kind of analysis is more time consuming and difficult.
Still, despite the third-party responsibility, it appears that the Red Cross is taking full responsibility for what has happened.
“We apologize, and we acknowledge that this is unacceptable,” Park said. “Our apology is unreserved. Donors have an expectation and a right to think that all of their information that they share with us is held accountably and responsibly.”
In context of health breaches, this is the biggest in Australia’s history. As data-rich entities, healthcare organizations are prime targets for hacks and data breaches. A study released in May of this year indicated that 90 percent of all healthcare organizations had suffered a compromise in the last two years, costing them an average of $2.2 million on each occasion.
Those who were notified that they were on the Red Cross’ leaked file have been warned to remain vigilant to scams, online or offline, that may utilize their personal information in phishing attacks for fraudulent purposes.
David Gilmour is a reporter who specializes in national politics, internet culture, and technology. He previously covered civil liberties, crime, and politics for Vice.