The leak in Australia happened because a file was left unsecured by a third party provider The Australian Red Cross said its blood donor service has found that registration information of 550,000 donors had been compromised, which the agency blamed on human error by a third-party contractor.The moot issue at this point, which may decide how the breach unfolds, is that nobody knows how many people have the data. The information from 2010 to 2016 was available on the website from Sept. 5 to Oct. 25. this year.The database backup, consisting of 1.74GB with about 1.3 million records, contains information about blood donors, such as name, gender, physical address, email address, phone number, date of birth, blood type, country of birth, and previous donations, according to security researcher Troy Hunt.In a statement apologizing for the incident, the Australian Red Cross said Friday that its Blood Service became aware on Oct. 26 that the file containing donor information had been placed in “an insecure environment” by the third party charged with developing and maintaining the Blood Service’s website. The information was copied by a person who was scanning for security vulnerabilities who later, through an intermediary, informed the Australian Cyber Emergency Response Team (AusCERT) with whom the Blood Service has membership, the Australian Red Cross said.“We have managed to have all known copies of the archive deleted, and have removed the vulnerability from the web developer’s server,” it added. The agency has also hired a team of experts to do the forensic analysis of the incident and is also setting up a task force to evaluate governance and the security structures of the blood service. Hunt wrote that he was contacted on Tuesday morning by someone who found the data on donateblood.com.au, the website of the Blood Service, while scanning internet IP addresses on the lookout for publicly exposed web servers returning directory listings. The backup database was published to a publicly facing website, which had directory browsing enabled on the server, according to Hunt.“Showing a public listing of the file contents of the server is a well-known risk and there’s rarely a valid justification for this, precisely for the sorts of reasons demonstrated with this incident,” he wrote.Troy said he contacted AusCERT, the Australian version of the computer emergency response teams that many countries including the U.S. have, and they got in touch with the Red Cross. Related content news analysis Attackers breach US government agencies through ColdFusion flaw Both incidents targeted outdated and unpatched ColdFusion servers and exploited a known vulnerability. By Lucian Constantin Dec 06, 2023 5 mins Advanced Persistent Threats Advanced Persistent Threats Advanced Persistent Threats news BSIMM 14 finds rapid growth in automated security technology Embrace of a "shift everywhere" philosophy is driving a demand for automated, event-driven software security testing. By John P. Mello Jr. Dec 06, 2023 4 mins Application Security Network Security news Almost 50% of organizations plan to reduce cybersecurity headcounts: Survey While organizations are realizing the need for knowledgeable teams to address unknown threats, they are also looking to reduce their security headcount and infrastructure spending. By Gagandeep Kaur Dec 06, 2023 4 mins IT Jobs Security Practices feature 20 years of Patch Tuesday: it’s time to look outside the Windows when fixing vulnerabilities After two decades of regular and indispensable updates, it’s clear that security teams need take a more holistic approach to applying fixes far beyond the Microsoft ecosystem. By Susan Bradley Dec 06, 2023 6 mins Patch Management Software Threat and Vulnerability Management Windows Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe