Nova Entertainment of Lachlan Murdoch warned more than 250,000 listeners that data collected between 2009 and 2011 was publicly disclosed, including residential addresses and dates of birth.
In a statement on Thursday, Nova Chief Executive Officer Cathy O’Connor said that individuals were notified of the steps they could take with disclosed information varying from person to person.
“We are taking all necessary steps to ensure the strength and efficiency of our cyber security and there is currently no evidence of any suspicious activity or threat to the systems of Nova Entertainment,” said Ms O’Connor.
“We take privacy and the security of the information we collect from our listeners very seriously, and I deeply and sincerely regret this incident on behalf of Nova Entertainment,” she said.
Data breach information as varied as user names and passwords (protected by a security technique known as hashing), home addresses, emails, telephone numbers, gender and date of birth. A total of 261,948 people are involved in the infringement.
Nova has radio stations in Sydney, Melbourne, Brisbane, Adelaide and Perth, and an email, SMS or letter is expected to be sent to the affected people.
No financial information or copies of the ID were disclosed and the statement stated that the existing systems of Nova had “no reason to believe.”
Details about how many people have accessed the data are still to be disclosed.
The information publicly disclosed in this violation is described in the statement of the radio network as a “legacy dataset “from May 2009 to October 2011.
People are encouraged to change their passwords, review their credit report for unusual activities and allow additional security measures if necessary. Nova carries out an investigation into the problem with cybersecurity consultants explaining how the data breach occurred.
The radio network informed the Australian Information Commissioner’s Office (OAIC) and is in contact with law enforcement agencies. IDCARE cyber support service to help those affected by the violation in late December and early January.
The breach of data occurs during increased scrutiny of all companies regarding the handling of sensitive customer data after a year of heated debate about privacy practices and data concerns about Facebook and Google Internet giants and government initiatives such as My Health Record.
New legislation introduced in early 2018 required mandatory reporting of data breaches for companies, government agencies and non – profit organizations with an annual turnover of at least 3 million dollars. This has taken many small enterprises throughout the country. Under these rules, companies are given 30 days to inform and inform the OAIC of the persons affected.
The latest data from the OAIC for the period from three months to September 2018 shows 245 notifications of violations over the period.
The majority of people involved less than 1000-two affected more than 100,000-and contact information was the most common data. More than half of these violations were caused by malicious or criminal attacks, while 37% were caused by human error.