[AusNOG] Stay Smart, is not so Smart
Joseph Saxton
Joe.Saxton at workforce.com.au
Mon Jul 9 10:46:00 EST 2012
Funny things happen to good people......
-----Original Message-----
From: ausnog-bounces at lists.ausnog.net
[mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of James Hodgkinson
Sent: Friday, 6 July 2012 19:58
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Stay Smart, is not so Smart
Seriously, they transferred that data unencrypted? We won't put anything
like that into 3rd-party transport without encryption :S
James
(To the list this time, sorry OP.)
On 6 July 2012 18:00, Noel Butler <noel.butler at ausics.net> wrote:
> Some miscreant spammer might think they've won the lotto if they get
> this....
>
>
>
> 6 July 2012
>
>
> Notification of Subscriber Data Loss
>
> Dear Subscriber
>
> We are writing to notify you that the Department has been advised by a
> former external contractor that a DVD which included information
> provided by Stay Smart Online Alert Service subscribers was lost in
Australia Posts'
> system, after being posted on 11 April 2012.
>
> The external contractor provided the Alert Service on behalf of the
> Department of Broadband, Communications and the Digital Economy ('the
> Department') from 2008 until 29 April 2012, when its contract with the
> Department expired. As you may be aware, the Stay Smart Online Alert
> Service is currently being re-developed by the Department in
> collaboration with two new contractors.
>
> As part of the expiry of contract handover process, the original
> contractor advised that it copied its SSO Alert Service subscriber
> database onto a DVD and, on 11 April 2012, posted this DVD to the
> Department using Australia Post's express post service. Unfortunately,
> this DVD was never received by the Department. The original contractor
> has informed the Department that information on the missing DVD
> included subscribers': usernames; email addresses; memorable phrases;
> and passwords which are unreadable (as cryptographic hash).
>
> The Department has no reason to believe that this information has been
> found and misused by any third party and we do not believe that there
> is a privacy risk. We are informing subscribers consistent with a
'best practice'
> approach for privacy matters.
>
> However, if you have used the same username, memorable phrase and/or
> password for other websites or services you may wish to consider
> whether these need to be changed.
>
> For information on password security and other tips and advice on how
> to be safe and secure online, visit Stay Smart Online website
> (www.staysmartonline.gov.au).
>
> Regards
>
> Stay Smart Online Team
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
__________________________________________________________________________________________
Note:
This message is for the named person's use only. It may contain confidential,
proprietary or legally privileged information. No confidentiality or privilege
is waived or lost by any mistransmission. If you receive this message in error,
please immediately delete it and all copies of it from your system, destroy any
hard copies of it and notify the sender. You must not, directly or indirectly,
use, disclose, distribute, print, or copy any part of this message if you are not
the intended recipient. Worforce International Pty Ltd and any of its subsidiaries each reserve
the right to monitor all e-mail communications through its networks.
Any views expressed in this message are those of the individual sender, except where
the message states otherwise and the sender is authorized to state them to be the
views of any such entity.
__________________________________________________________________________________________
More information about the AusNOG
mailing list