A startling discovery on Get’s platform led to the realisation that data belonging to over 50,000 students had been compromised. Predominantly used by student clubs across the nation for organising events, the interface revealed names and contact details, inadvertently leaving them open for access.
The breach came to light on a Saturday, and even though the company acted promptly to restrict data visibility, the magnitude of unauthorised access remains uncertain. An anonymous user, who identified the breach, hinted that the data could have been accessed thousands of times.
After accessing the database, the user found that a search for phone numbers with the Australian area code produced more than 50,000 results. These entries weren’t just limited to phone numbers but extended to email addresses linked with user profiles.
For context, the breached data equates to nearly one-third of the 159,000 students actively using Get’s platform. This incident is even more concerning considering the platform’s widespread usage by renowned student societies across Australia, like Sydney University Cricket Cub and UNSW Engineering Society.