Details are still emerging of the exact nature of the data breach that appears to have resulted in the personal information of patrons of several NSW pubs and clubs being compromised.
A website has been created claiming to have access to that personal information and threatening to release it. The website claims to have the personal information of just over a million people, including facial recognition biometrics, driver licenses, phone numbers, and even poker machine usage details.
Although some examples are provided in support of this claim, there are at present conflicting claims as to how they were obtained.
Whatever emerges from this incident, it should serve as a timely reminder to all businesses to pay careful attention to their cyber supply chain. The Australian Signals Directorate provides some useful advice for businesses of all sizes on managing the cyber supply chain.
They advise that the key tasks are:
· Identifying your supply chain
· Understanding the associated risks
· Setting security expectations
· Regular compliance audits and
· Monitoring and regularly improving your practices.
It is crucial to know what other participants are involved in your cyber supply chain and what steps they are taking to ensure best practice for all forms of cyber resilience.