NSW Privacy Commissioner, Samantha Gavel
The Market Online - At The Bell

Join our daily newsletter At The Bell to receive exclusive market insights

  • The personal information of over 50,000 New South Wales citizens has been breached after being left mistakenly exposed on an Amazon cloud storage service
  • Security consultant Bob Diachenko stumbled across a folder with front and back scans of over 54,000 driver’s licences while investigating a different data breach
  • This means the names, addresses, dates of birth, and pictures of the NSW residents implicated in the breach were left exposed
  • Criminals can use this information to apply for credit or to gain access to more personal information from the NSW motorists
  • The NSW government said a commercial business with no relation to the government was to blame for the breach
  • So far, the NSW residents implicated in the data breach have not yet been contacted

The personal information of over 50,000 New South Wales citizens has been breached after being left mistakenly exposed on an Amazon cloud storage service.

The data breach was flagged by Ukrainian security consultant Bob Diachenko, who accidentally came across the information while investigating a different data breach.

Bob stumbled across a misconfigured Amazon S3 cloud storage system holding front and back scans of NSW drivers’ licences.

Altogether, there were over 108,000 images in the folder — more than 54,000 licences.

This means the full names, dates of birth, addresses, and pictures of tens of thousands of NSW motorists have been left exposed. Criminals can use this information to assume the identity of the drivers and, from there, the potential for fraud is wide.

People with malicious intent can use the information to impersonate the owner of the driver’s licence and apply for credit or gain access to more personal information.

Especially given that an Australian driver’s licence is a primary form of identification, scammers with access to the breached images can fool organisations into thinking they are the owner of the card.

Bob said it wasn’t clear how long the files were accessible and if they had been copied by a criminal, but the opportunity was certainly there.

Government not to blame

A Transport for NSW spokesperson said the images of the licences were not related to any government system.

“Transport for NSW does not retain, nor collect tolling data in the manner described,” the spokesperson said.

“Transport for NSW is, however, working with Cyber Security NSW to investigate the alleged data issue relating to an Amazon Web Services S3 bucket containing personal information including driver licences,” she said.

The office of the NSW Privacy Commissioner said as far as it understands, a commercial business unconnected to the NSW government was responsible for the breach.

Amazon has been contacted and the cache has been taken offline. Of course, this doesn’t mean Amazon was responsible for the breach, but rather the business using Amazon’s S3 bucket cloud storage service.

The NSW government has not yet alerted the people whose information was breached.

Once notified, however, those implicated in the breach can request a new license.

More From The Market Online
AI image representing commodity price trends

Waning appetites for green metals and the ‘comfortable’ safe haven of gold: Thoughts on investment and commodities

Lithium's past highs and recent lows, in addition to copper's rally and gold's strong performance are…
Two miners digging in a cave awash with gold light.

The ASX gold miners benefiting most from gleaming bullion prices

Gleaming gold prices across the globe have helped several ASX gold miners sparkle especially bright as…
Image representing economic data.

GDP grows 0.2% in June quarter, but annual growth the slowest since the 1990s

Australian GDP for the June quarter came in on-target at 0.2%, the same figure as in…
Stack of coins next to a upward curve symbolizing rising costs due to inflation

Inflation cools in the 12 months to July, with reading of 3.5%

Australia's CPI reading for the 12 months to July showed an increase by 3.5%, down from…