This is huge news, that the time of this post, it's not covered by Australia's mainstream media.
For your benefit, realistically do not rely on Information Technology news by Australian 'news' outlets, but rather refer to trusted specific sources.
Approximately 12 million Australians are affected.
What Personal Data Was Leaked?
Because IDMerit is an AI-powered KYC (Know Your Customer, a government requirement fro U.S. telecomms) provider, the data it collects is incredibly sensitive. The unsecured 1-terabyte database didn't just leak passwords—it leaked the core personal identifiers used for your financial and digital life. The following structured data was left open for anyone to download:
-
Full names
-
Addresses
-
Post codes
-
Dates of birth
-
National IDs
-
Phone numbers
-
Genders
-
Email addresses
-
Telco metadata
-
Breach status and social profile annotations
The last data point – breach status and social profile annotations – could refer to a database identifier indicating whether the data originated from a data breach or a leaked database. However, at this point, the true meaning of the data point is unclear. The team noted that this specific data point was present only in some regions.
“At this scale, downstream risks include account takeovers, targeted phishing, credit fraud, SIM swaps, and long-tail privacy harms. Industry-wide, the case underlines how third-party identity vendors have become critical infrastructure and can become single points of catastrophic failure,” our team explained.
See more:
https://cybernews.com/security/global-data-leak-exposes-billion-records/
No comments:
Post a Comment