Managed Services Australia Logo - Different Size

Data breach with over 50,000 university students personal information.

cyberduck

September 11, 2019

The digital sphere faces yet another alarming privacy violation as the payment and ticketing platform, Get, unintentionally reveals the personal data of tens of thousands of university students.

The Breach Uncovered

A startling discovery on Get’s platform led to the realisation that data belonging to over 50,000 students had been compromised. Predominantly used by student clubs across the nation for organising events, the interface revealed names and contact details, inadvertently leaving them open for access.

The breach came to light on a Saturday, and even though the company acted promptly to restrict data visibility, the magnitude of unauthorised access remains uncertain. An anonymous user, who identified the breach, hinted that the data could have been accessed thousands of times.

Digging Deeper

After accessing the database, the user found that a search for phone numbers with the Australian area code produced more than 50,000 results. These entries weren’t just limited to phone numbers but extended to email addresses linked with user profiles.

For context, the breached data equates to nearly one-third of the 159,000 students actively using Get’s platform. This incident is even more concerning considering the platform’s widespread usage by renowned student societies across Australia, like Sydney University Cricket Cub and UNSW Engineering Society.

The Backbone of Your Business

Company’s Reaction

While Get remained unresponsive to media comments, they publicly acknowledged the breach on their official website, committing to further investigations. Given the severity of the incident, it’s speculated that it falls under the Notifiable Data Breaches scheme governed by the Privacy Act. As per the scheme, Get is obligated to inform the Office of the Australian Information Commissioner and promptly alert the affected individuals.

Previous Tangles

Unfortunately, this isn’t Get’s maiden tryst with data violations. Previously recognized as Qnect, the platform was a target of a hacker group last year. Threatening to make user data public, the hackers demanded a ransom in bitcoin.

Moving Forward

The incident emphasises the fragility of personal data and the ever-present threats in the digital domain. While organisations bear the onus of fortifying data protections, individuals too should be vigilant and proactive in ensuring their data’s security.

Discover more about Managed Services Australia and our comprehensive tech solutions here.

Dive into a world of tech advancements by visiting our Technology Centre. Begin your journey with a strategic purchase today!

Reach out to our expert team at 📞 1300 024 748 or drop a line through our contact form. Your uninterrupted operations are just a call away.

Book a consultation with Managed Services Australia.

Start your journey towards seamless IT solutions with us today – unlock your business’s true potential!