The Victorian Government has apologised to almost 9,000 gun owners after a “deeply concerning” data breach resulted in thousands of gun owners’ personal details mistakenly being emailed out.
The error occurred on eight separate occasions, with the attached files including between 800 to 1,900 names.
“It really was a simple case of human error,” the department’s communications executive director Catherine Payne said.
“The [staff] concerned are horrified … and have been counselled.”
A spokesperson for the Agriculture Minister Jaala Pulford apologised and issued a statement saying the breach is deeply concerning and unacceptable.
“It’s something the Government is taking very seriously,” the spokesperson said.
The Shooters and Fishers Party said the mistake proves why gun registries should be dumped.
“A nice handy list of all the people who are keeping firearms in their homes would be great in the hands of a criminal,” Shooters and Fishers MP Daniel Young said.
The party supports licensing for gun users, but says governments should not keep a list of all gun owners with registered firearms.
“This information can be leaked very easily, and it’s quite serious,” Mr Young said.
Department ‘can’t be sure’ information not misused
The department has contacted the eight people the emails were sent to and said each has either deleted it, or never received it at all due to a large file size.
“We can’t be sure [it hasn’t been misused],” Ms Payne said.
“That’s the reason we’ve taken the approach of communicating directly with customers.”
Dr Vanessa Teague, from the University of Melbourne, said the incident demonstrates how easy it is for these types of breaches to happen.
“There was no hacking, there was no subtle cryptographic error. This was just somebody emailing something they shouldn’t have,” she said.
“Once you’ve emailed it out of that secure place where it was supposed to be, you completely lose control of where that data has gone.”
On advice from the state’s Privacy Commissioner, the department is posting letters to each of the 8,709 people involved. The department has also contacted Victoria Police.
The department said its treatment of private data was unacceptable, and has suspended using emails to handle gun licence renewal information.
“From time to time, things happen that you wish didn’t,” Ms Payne said.
“The big takeaway is to never lose sight of the importance of training for customer service staff about the handling of customer data and privacy requirements.”[box type=”shadow” align=”aligncenter” ]This article was originally posted on the 18/1/17 at 5.12pm on the ABC News website. To read the original article please click here: https://www.abc.net.au/news/2017-01-18/gun-owners-personal-details-released-in-email-error-in-breach/8191594?pfmredir=sm[/box]