Several other data breaches were also discovered in the investigation.
The Australian Human Rights Commission had attachments inadvertently exposed after being indexed by search engines.
According to SecurityWeek, the attachments were submitted via its online web forms.
Included in the exposed data were names, home addresses, phone numbers, email addresses, employment details, education and religious information, health details, and photos, according to the AHRC.
"The Commission's best information is that around 670 documents were made potentially accessible in error. Of these, around 100 documents were accessed online, for example by search engines such as Google or Bing," said the AHRC, which is already seeking the removal of exposed documents from search engines, as well as notifying individuals impacted by the incident.
Aside from leaking complaints submitted between March 24 and April 10, such an incident also revealed data from those who submitted nominations to the Human Rights Awards 2023 from July to September of that year, as well as those who passed concept papers from October 2021 to February 2022.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
