Feeds

Medvet board to investigate privacy breach

More faces meet palms in South Australia

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Medvet, the paternity-and-drug-testing laboratory owned by the South Australian Government that allowed Google to index its customer records until last weekend, says it will investigate how the breach occurred.

According to the Australian Broadcasting Corporation’s PM radio programme on Monday evening, the breach affected more than 800 individuals who had placed online orders with the company.

The Australian, which broke the story on Saturday (July 16) has also said that the privacy breach, known to the company since April, wasn’t reported to the South Australian government until the weekend, even though a Health Department manager sits on the company’s board.

Speaking to PM, Medvet CEO David Swan said “it appears that there’s been some issue … that’s occurred with the software between Google and some software that’s being used by the company to register requests for drug tests.”

Swan said the company has requested its board to conduct “an independent investigation both from a forensic IT perspective but also from the events which have led up to this”.

What appears to be inadequate communication between the Medvet board and its owner, the South Australian Government, seems surprising considering that a sale of the company had been http://www.health.sa.gov.au/Default.aspx?tabid=792 proposed in the 2010-2011 state budget.

The government’s public budget papers didn’t put a valuation on Medvet, but a copy of internal budget documents leaked on a USB key to the ABC last year put a valuation of AU$15 million on the company.

The Australian Privacy Foundation’s health chair Juanita Fernando told PM that litigation is inevitable following the Medvet breach. ®

Bootnote: This author was taken to task yesterday for over-emphasising the role of robots.txt. That’s a fair cop: but protecting sensitive information should be part of Web 101 for an organization such as Medvet. Public humiliation should be the least of the punishments. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.