Australian Government Loses Online Privacy Alert Information in the Mail
In what’s surely to be the most ironic of today’s news, the Australian government has managed to lose subscription information from their Stay Smart Online alerts service. But this wasn’t the dastardly deeds of some nefarious hackers; the details were lost in the mail. The Department of Broadband, Communications and the Digital Economy alerted users yesterday that their information — which had been burned to a DVD — was wherever lost postal items go. This was surely comforting to find out.
You see, the DBCDE was in the process of switching contractors that handled the alert system and needed the information transferred from the one to the other. Someone, somewhere, made the brilliant decision to burn usernames, email addresses, hashed passwords, and password reminders to a DVD for easy transport. Can’t trust the tubes of the web, after all, as there be hackers out yonder. The contractor, AusCERT, then sent it via the Australia Post.
That was on April 11th. The package hasn’t been seen or heard from since. The alert system is now being handled by two other contractors which one can only assume must have gotten the information the old-fashioned way: Flash drives. Regardless, this should serve as a lesson that even privacy handlers can’t be completely infallible by even the most unlikely of foes. Information can be grabbed however you decide to transfer it.
(ZDNet via Slashdot, image credit via Pacdog)
- Australian AG Michael Atkinson resigns
- Anonymous bombs Australian government with porn
- Twitter pushes back against subpoena for protester’s tweets
Have a tip we should know? tips@themarysue.com