
Data Breach Details: The Australian Red Cross Has Over 1.2 Million Records Stolen

Posted by Vijay Basani on Nov 15, 2016

The Australian Red Cross forgot to lock the backdoor to their IT databases, and information was stolen.

The Australian Red Cross is currently dealing with a massive IT security mishap that exposed thousands of Red Cross blood donors' personal information.

"The leak disclosed blood type, previous donations information and donor eligibility answers."

The IT leak didn't just reveal information such as names, telephone numbers, emails, addresses, and birth dates. It also disclosed blood type, records of previous donations, and donor eligibility data.

 

Troy Hunt, an IT security expert, first discovered the leak after someone contacted him and provided a snippet of data from donateblood.com.au that included his personal information. The person then gave Hunt the entire set of data (1.74 GB or 1,286,366 records). The information also included Hunt's wife's personal information.

Hunt called the Red Cross breach "the largest ever leak of Aussie data from a local service."

What's even more shocking than the amount of records exposed is how easily they were accessed.

Hunt asked the sender how he found the data, and half expected he'd say it was due in part to a SQL injection. Instead, it was much simpler.

"What he'd actually been doing is simply scanning internet IP addresses and looking for publicly exposed web servers returning directory listings," Hunt wrote on his blog TroyHunt.com.

After scanning, the sender looked for files with an .sql extension. This would signify that a backup of the data existed. The Red Cross' backup was published on a public-facing website, and someone had turned on directory browsing, making it rather easy to find the backup. 
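A defensive check for the two conditions described above, a database backup sitting under a web root and directory listings switched on, written as an added example that is not part of the original post or of Hunt's write-up. The extension list, the sample configuration (which mixes nginx and Apache syntax for illustration) and the file names are constructed assumptions.

```python
import os
import re
import tempfile

# Assumed list of extensions that usually mean a database dump or backup.
DUMP_EXTENSIONS = (".sql", ".sql.gz", ".dump", ".bak")

# Directives that enable directory listings: nginx "autoindex on;" and
# Apache httpd "Options Indexes" / "Options +Indexes" (but not "-Indexes").
LISTING_PATTERNS = [
    re.compile(r"^\s*autoindex\s+on\s*;", re.I),
    re.compile(r"^\s*Options\b.*(?<!-)\bIndexes\b", re.I),
]

# Constructed sample configuration, not taken from any real server.
SAMPLE_CONFIG = """\
server {
    root /var/www/site;
    location /backup/ {
        autoindex on;
    }
}
<Directory "/var/www/site">
    Options Indexes FollowSymLinks
</Directory>
<Directory "/var/www/site/private">
    Options -Indexes
</Directory>
"""

def find_exposed_dumps(docroot):
    """Return dump files under docroot, as paths relative to the web root."""
    hits = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            if name.lower().endswith(DUMP_EXTENSIONS):
                hits.append(os.path.relpath(os.path.join(dirpath, name), docroot))
    return sorted(hits)

def find_listing_directives(config_text):
    """Return (line_number, directive) pairs that turn directory listings on."""
    return [(n, line.strip())
            for n, line in enumerate(config_text.splitlines(), 1)
            if any(p.search(line) for p in LISTING_PATTERNS)]

def build_sample_docroot():
    """Create a constructed web root containing two placeholder backup files."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "backup"))
    for rel in ("index.html", os.path.join("backup", "site_db.sql"), "export.bak"):
        with open(os.path.join(root, rel), "w") as fh:
            fh.write("-- constructed placeholder\n")
    return root

if __name__ == "__main__":
    print(find_exposed_dumps(build_sample_docroot()))
    print(find_listing_directives(SAMPLE_CONFIG))
```

Either finding alone is a problem; together they reproduce the situation in this breach, where the backup was both reachable and trivially discoverable.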

Hunt noted that it wasn't directly the Australian Red Cross' fault that this data became easily accessible. However, one of the organization's partners did have access to the data, and it appears that they accidentally published the information.

"Today, cybersecurity is more than just protecting your computer's IT lifelines."

It's critical to remember that cybersecurity involves more than just protecting your computer's IT lifelines. It's also about ensuring that employees don't make errors that reveal critical data to cybercriminals.

When this happens, the company is at the mercy of whoever has that information, including those who could blindside the company.

Luckily for the Red Cross, Hunt was the first to know about the breach and he took the proper, ethical measures to publicly protect the company. Instead of going to the media, he went to one of his trusted sources who worked at AusCERT, a Cyber Emergency Response Team for Australia, which provides IT security advice for members. The Red Cross was a member, so AusCERT reached out to them immediately. The Red Cross contacted Hunt and within a couple of days the organization released a statement on its own terms, which was later covered in more detail by ABC.

It's absolutely crucial that companies take the proper steps to keep their data safe. The last thing they want to do is get caught off guard after the fact, and stumble their way into a resolution.

How You Can Gain Peace of Mind

EiQ offers two SOCVue® hybrid security-as-a-service solutions that can help organizations of any size affordably and effectively improve their cybersecurity and compliance posture:

  • SOCVue Security Monitoring gives you visibility and control over your IT environment. You’ll get best-of-breed Log Management and SIEM that is managed around-the-clock for real-time threat detection, analysis and notification, proactive remediation guidance, and compliance auditing.
  • SOCVue Vulnerability Management reduces your attack surface and mitigates risk with unlimited managed scans, analysis, risk prioritization, and remediation guidance. Focus on what matters most: your core business.

EiQ’s SOCVue combines the best people, process, and technology to build the enterprise-class IT security program your organization needs. That’s because SOCVue gives you the flexibility and cost savings of a security software-as-a-service offering, but also provides a world-class team of security and technology experts to manage the technology and help implement cybersecurity best practices.

With all the challenges you face today while trying to keep your organization safe, having the best IT security solutions in your corner should not be one of them. Request a demo today to see how quickly and affordably you can improve your security and compliance posture with EiQ.


Tags: Data Breach, Hacking, Hackers, Non Profit
