Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Newcastle Herald
Newcastle Herald
National

Disability group says sorry after cyber hack

  • FROM: P1
The photo used by Lifestyle Solutions and its new partner Possability, announcing a merger of the two disability organisations.

The affected individual said they had also been caught in the Optus hack and had done everything possible to protect their information by various methods including changing passwords.

They had gone to Service NSW at Wallsend for new driver's licence number after the Lifestyle Solutions hack but were told it would not be done unless they were already a fraud victim.

"I'm trying to stop myself becoming the victim of fraud, but they don't make it easy," the person said.

A government response yesterday did not clarify the Wallsend advice but said anyone who believed they had been "the subject of identity theft or fraud should apply for a request for a new driver licence number".

The Lifestyle Solutions spokesperson said the Office of the Australian Information Commissioner and the Australian Cyber Security Centre had been notified of the breach and "we have continued to liaise with them in relation to the event".

"Upon discovery of the cyber event, we took immediate action to deactivate our affected systems, secure our IT environment, and engage leading external forensic IT and cyber security expert advisers to assist us in responding to the event, which included conducting a full investigation into what happened," the Lifestyle Solutions spokesperson said.

Asked about the time it took to tell those affected, Lifestyle Solutions said: "Regarding notification to affected individuals, it was necessary for us to carefully analyse the potentially affected dataset to understand exactly what information may have been affected and who it belonged to so that our notification to affected individuals was accurate and did not cause any undue alarm or distress. This type of detailed analysis takes time, and we have been mindful to ensure our process and notification was as thorough and accurate as possible."

Emails show Lifestyle Solutions telling those affected it had "no reason to believe or evidence to suggest that data has been or will be misused by the third party" that obtained the information.

But one person affected said that on the details Lifestyle Solutions had provided, there was no reason to believe the information would not be misused.

"Otherwise, why take it?" the impacted individual said.

The Office of the Australian Information Commissioner confirmed it had been notified of the incident by Lifestyle Solutions, but said confidentiality requirements meant it could only give limited responses. The office said it expected any organisation covered by the Privacy Act and responding to a data breach involving personal information to act quickly and to notify those affected "as soon as possible".

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.