The Australian Human Rights Commission (AHRC) disclosed a data breach incident where private documents leaked online and were indexed by major search engines. Many of the hundreds of documents exposed online contained private, sensitive information, like names, contact information, health details, schooling, religion, employment info, and photographs. Apart from the standard “watch out for scams or suspicious activity” advice, AHRC also lists links to mental health support platforms, indicative of the distress that such a data exposure may cause to affected individuals. While some documents already public personal information, others expose sensitive data that may be damaging for the individuals submitting it in the context of the topics AHRC deals with. Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. AHRC is an independent statutory body established by the Australian Government, with the primary role of promoting and protecting human rights in the country. It receives and investigates discrimination complaints, monitors compliance with international human rights obligations, conducts inquiries and research, and oversees related projects and initiatives. Meanwhile, AHRC has requested the immediate removal of the indexed files from search engines and disabled all web forms to prevent a subsequent exposure due to underlying misconfigurations. A dedicated taskforce and investigation are underway, while the Office of the Australian Information Commissioner (OAIC) has also been notified.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 14 May 2025 16:30:34 +0000