Data breach exposes data of visitors to Clubs NSW venues
[ad_1]
A data breach appears to have exposed details of Australians who visited a number of NSW clubs and RSLs, including prominent politicians.
Developers employed by the company, which provides entry systems to the clubs, said they had published details of more than one million visitors online, prompting an investigation by NSW police.
2GB Breakfast host Ben Fordham told the station the breach was “causing a lot of concern in the NSW Parliament”.
He said the apparent leak included data scanned when people entered the clubs, including facial recognition, driver’s license details, signatures and addresses.
“There’s a company that allegedly didn’t pay some software developers in the Philippines,” Fordham said.
“These software developers have already set up their own website and they basically said ‘we got access to all these systems, our bills haven’t been paid for a year and a half and we’re not happy about it’.”
Fordham cautioned that it is not clear whether searching for personal data on the website is safe.
“Politicians started putting their names on the website,” Fordham said.
“There are details crossed out, but enough to know they ‘have my data.’
“What they’re really doing is saying, look, if you don’t pay our bill, you can only let your imagination know what happens next.”
West Tradies at Mt Druitt, City of Sydney RSL and Fairfield RSL are among those taking part.
The website claiming to reveal the data carries a statement from the people behind it, claiming they were “cut off” and not paid.
It says it has data including “biometric facial recognition data, driver’s license scan, signature, club membership details, address, birthday, phone number, club visit timestamps, slot machine usage”.
The site claims the systems provider has been hired to “build a suite of software systems” for casinos and clubs in Asia, Australia and the US.
“The developers were given access to the back-end systems of these game locations and were given responsibility to maintain the systems and were instructed to back up the data to the cloud,” it said.
“Developers gained access to raw data without any oversight…
“Then [the company] abruptly cut off developers and refused to pay for a year and a half of work.”
Clubs NSW are understood to have had an emergency meeting.
Fordham said bar giant Merivale was also affected.
NSW Police said officers from the State Crime Command’s cyber crime unit were “investigating a potential data breach”.
We have contacted Clubs NSW, Merivale and the entry system provider for comment.
[ad_2]