Registration information of 550,000 donors is been compromised said the Red Cross’s blood donor service from Australia. In addition, the organization is blaming a third party contractor for the incident. The information from 2010 to 2016 is available on the website, however, the key point is it is uncertain how many people have the data. According to security researcher Troy Hunt, about 1.3 million records are available on the database backup, which consists of 1.74 GB. The backup contains details like Physical address, Name, Gender, DOB, Blood Type, Phone number, etc. The third party charged with maintaining and developing the Blood Service website has placed the file containing the information in an insecure location said Red Cross in a statement.
A person who was scanning for security susceptibilities who later, through an intermediate, informed the Australian Cyber Emergency Response Team (AusCERT) with whom the Blood Service has membership copied the information, the Australian Red Cross said. All the archive known to the organization has been deleted and vulnerabilities from the web developer server have been removed. A team of experts is been hired by the agency in order to take off the forensic analysis of the incident and to appraise authority and the security structures of the blood service a security force has been set up.