‘Little risk’ from PageUp breach
IDENTITY theft was unlikely to have occurred as a result of a data breach that has hit some of Geelong’s biggest organisations.
The City of Greater Geelong and Transport Accident Commission are among the clients of recruitment portal PageUp, which has confirmed that its data was accessed after “unusual activity” last month.
Other users of PageUp’s software system include Australia Post, Target, Commonwealth Bank, Coles and Telstra. TAC and the council have written to all of their job applicants in the past 18 months, warning them they may have been affected.
HR executive Andrew Keen said the council continued to monitor the situation and were liaising with other authorities to ensure the security of the system was maintained.
“As a precaution we have advised users of the system to follow good security practices including password resets.”
People who applied for a job through the PageUp system have been potentially exposed. This includes details such as gender, date of birth, middle name and nationality.
Work referees and some external recruitment agencies could also have been affected, PageUp said.
“We are confident that the most critical data categories including resumes, financial information, Australian tax file numbers, employee performance reports and employment contracts are not affected in this incident,” PageUp said.
Australia and New Zealand’s national identity and cyber support service, IDCARE, said investigations had found that the direct risk of identity theft was unlikely.
“Identity thieves typically require other forms of personal information to successfully manipulate this type of data,” IDCARE managing director Dave Lacey said.
“There are other risks that are likely to be more relevant to impacted individuals, including the possibility of phishing emails (and) telephone scam calls.”