Red Cross Blood Services Data Breach Serves as Cyber-Security Warning

November 18, 2016

 

The recent data breach that leaked the personal data of 550,000 blood donors from the Red Cross Blood Service has reaffirmed the very relevant matter of cyber-security to all Australian businesses.

The Red Cross Blood Service claim “human error” was at fault for donor information being placed on an “insecure computer environment” and “accessed by an unauthorised person”.

The data came from an online application form and included personal details including name, gender, address, and DOB… but perhaps most damagingly, answers to a number of true-or-false questions, including one that asked donors whether they had engaged in “at-risk sexual behaviour” in the past 12 months.

Red Cross Blood Service Chief Executive Shelly Parks has stated that “as an organisation, we are still in the process of completing our investigation and we have engaged forensic experts to help us with this.” She also said that to her knowledge, all copies of the data had now been deleted, and “”We apologise and we acknowledge that this is unacceptable.”

text message

This data breach is said to be the biggest in Australian history… though it is certainly not an isolated incident. The Federal Government estimates up to 700,000 businesses have experienced some form of cyber-breach, and over half of these were on small businesses without the resources to properly protect themselves… accounting for an average cost per attack of $275,000.

Don’t Risk It!

Despite the growing number of incidents, many businesses are still not properly equipped to deal quickly and effectively with a data breach or cyber-attack should it occur.

A cyber insurance policy can protect a business against a number of damages, including:

  • Covering costs for lost profits
  • Costs of defending against claims from third parties
  • Fixing or replacing lost, damaged or destroyed IT systems
  • Cost of legal fees for negotiating against an extortion attempt
  • Covering fines or penalties incurred as a result of privacy breaches

A good cyber policy can even provide against damages to a businesses reputation or brand covering public relations consultancy.

At GSK Insurance Brokers, we have experience providing thorough cyber risk analysis and assessment services to help develop comprehensive cyber insurance packages for Australian businesses.

Contact us today for further information or advice.

Any donors concerned about the leak can contact the Red Cross via a dedicated hotline. Furthermore, they have set up a link for those who have been impacted by the breach to seek assistance.