Feeds

Medvet board to investigate privacy breach

More faces meet palms in South Australia

  • alert
  • submit to reddit

Securing Web Applications Made Simple and Scalable

Medvet, the paternity-and-drug-testing laboratory owned by the South Australian Government that allowed Google to index its customer records until last weekend, says it will investigate how the breach occurred.

According to the Australian Broadcasting Corporation’s PM radio programme on Monday evening, the breach affected more than 800 individuals who had placed online orders with the company.

The Australian, which broke the story on Saturday (July 16) has also said that the privacy breach, known to the company since April, wasn’t reported to the South Australian government until the weekend, even though a Health Department manager sits on the company’s board.

Speaking to PM, Medvet CEO David Swan said “it appears that there’s been some issue … that’s occurred with the software between Google and some software that’s being used by the company to register requests for drug tests.”

Swan said the company has requested its board to conduct “an independent investigation both from a forensic IT perspective but also from the events which have led up to this”.

What appears to be inadequate communication between the Medvet board and its owner, the South Australian Government, seems surprising considering that a sale of the company had been http://www.health.sa.gov.au/Default.aspx?tabid=792 proposed in the 2010-2011 state budget.

The government’s public budget papers didn’t put a valuation on Medvet, but a copy of internal budget documents leaked on a USB key to the ABC last year put a valuation of AU$15 million on the company.

The Australian Privacy Foundation’s health chair Juanita Fernando told PM that litigation is inevitable following the Medvet breach. ®

Bootnote: This author was taken to task yesterday for over-emphasising the role of robots.txt. That’s a fair cop: but protecting sensitive information should be part of Web 101 for an organization such as Medvet. Public humiliation should be the least of the punishments. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
BMW's ConnectedDrive falls over, bosses blame upgrade snafu
Traffic flows up 20% as motorway middle lanes miraculously unclog
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.