[AusNOG] Stay Smart, is not so Smart

Jared Hirst jared.hirst at serversaustralia.com.au
Mon Jul 9 11:24:56 EST 2012 

Why would they send such data via Australia post???
On Jul 6, 2012 6:07 PM, "Noel Butler" <noel.butler at ausics.net> wrote:

> **
> Some miscreant spammer might think they've won the lotto if they get
> this....
>
>
>
> 6 July 2012
>
>
> Notification of Subscriber Data Loss
>
> Dear Subscriber
>
> We are writing to notify you that the Department has been advised by a
> former external contractor that a DVD which included information provided
> by Stay Smart Online Alert Service subscribers was lost in Australia Posts’
> system, after being posted on 11 April 2012.
>
> The external contractor provided the Alert Service on behalf of the
> Department of Broadband, Communications and the Digital Economy (‘the
> Department’) from 2008 until 29 April 2012, when its contract with the
> Department expired.  As you may be aware, the Stay Smart Online Alert
> Service is currently being re-developed by the Department in collaboration
> with two new contractors.
>
> As part of the expiry of contract handover process, the original
> contractor advised that it copied its SSO Alert Service subscriber database
> onto a DVD and, on 11 April 2012, posted this DVD to the Department using
> Australia Post’s express post service. Unfortunately, this DVD was never
> received by the Department. The original contractor has informed the
> Department that information on the missing DVD included subscribers’:
> usernames; email addresses; memorable phrases; and passwords which are
> unreadable (as cryptographic hash).
>
> The Department has no reason to believe that this information has been
> found and misused by any third party and we do not believe that there is a
> privacy risk.  We are informing subscribers consistent with a ‘best
> practice’ approach for privacy matters.
>
> However, if you have used the same username, memorable phrase and/or
> password for other websites or services you may wish to consider whether
> these need to be changed.
>
> For information on password security and other tips and advice on how to
> be safe and secure online, visit Stay Smart Online website (
> www.staysmartonline.gov.au).
>
> Regards
>
> Stay Smart Online Team
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20120709/67bd7d1f/attachment.html>

More information about the AusNOG mailing list