In May 2022, the client management system for the Australian government’s NDIS (National Disability Insurance Scheme) suffered a data breach which was subsequently posted to an online hacking forum. The CTARS cloud platform is used by care providers to record information about NDIS participants and often contains sensitive medical information. Impacted data includes over 12k unique email addresses, physical addresses, names, dates of birth, phone numbers and data related to patient conditions and treatments.
Accounts breached: 12314
Breached on: May 21, 2021
Exposed data: Dates of birth, Email addresses, Genders, Names, Passwords, Personal health data, Phone numbers, Physical addresses, Salutations, and Usernames
Added on: May 31, 2022