In the biggest data breach in Australia to date, 1.74 GB file containing 1.28 million records of blood donors from 2010 was exposed online inadvertently by Red Cross’ service provider Precedent, iTnews says. This happened when Precedent was redesigning the blood service’s website and “human error” led to the data being published on a publicly facing website from Sep. 5 to Oct. 25 of this year.
It was accidentally discovered on "mysqldump" database by an individual who conveyed it to Troy Hunt of haveibeenpwned.com. What makes this a serious leak is that the database, with personal details of around 550,000 donors, includes data of blood type and sensitive medical information pertaining to high-risk sexual behavior.
Privacy Commissioner Timothy Pilgrim and AusCERT are investigating the incident with assistance from Red Cross and Precedent.
Read the full story on iTnews.