Red Cross Data Leak; Personal Data of 550,000 Blood Donors Stolen

Australia Blood Donors data has been stolen — It is Australia’s largest security breach ever.

Lately, the International Red Cross has been surrounded by controversy but in the latest, the organization has suffered a massive leak in which personal details of 550,000 blood donors in Australia have been stolen.

The organization has acknowledged the hack and confirmed that due to a human error an unknown hacker was able to steal 1.74GB SQL file that contained personal details of blood donors in Australia including name, gender, date of birth, addresses of blood donors from between 2010 and 2016.

Also Read: Researcher Threatened with Infection For Exposing Flaw in HIV Dating App

According to a report by ABC, a third party responsible for maintaining the Red Cross website had mistakenly posted donors’ data on a website that allowed the “unauthorized person” to download it without any restrictions but the most concerning thing is that the data also includes “at-risk sexual behavior” or “Risky sexual behavior,” commonly defined as behavior that increases one’s risk of contracting sexually transmitted infections and experiencing unintended pregnancies.

Troy Hunt, Microsoft Regional Director for Australia who is known for collecting and storing hacked/leaked data was contacted by the hacker who downloaded the unprotected donors’ SQL file and revealed that the data even contains Hunt’s and his wife’s details.

Hunt now has access to the data and according to him the data includes First name, Last name, Gender, Physical address, Email address, Phone number, Date of birth, Blood type, If they’d previously donated, Country of birth, When their record was created, The type of donation (Plasma, Plasmapheresis, Platelet, Plateletpheresis, Whole Blood), When each donation occurred and Donor eligibility answers.

Text messages sent by Australian Redcross blood donors informing them about the data leak. Source: ABC
Also Read: Johnson & Johnson’s Insulin Pumps vulnerable to cyber attacks

On the other hand, Red Cross Blood Service chief executive Shelly Park has apologized for the massive breach.

“We apologize and we acknowledge that this is unacceptable,” she said. “As an organization, we are still in the process of completing our investigation and we have engaged forensic experts to help us with this.”

At the time of publishing this article, Red Cross was in touch with the Australian Federal Police regarding the breach.

Related Posts