The Data Breach of HR tech platform PageUp has affected Australia’s largest corporations including, Coles, AMP, Commonwealth Bank and ANZ to name a few.
Originally founded by husband and wife team Karen and Simon Cariss 20 years ago as a recruitment platform to manage job applications, it has since become a big local tech success story, expanding to include employee on boarding, performance management, learning and development and succession planning.
However once the security breach hit, there was talk of class action from their high profile clients like Coles and Telstra as they had to pull down their job websites in fear of being tangled in the breach.
According to Financial Review even a month after the breach, Australia Post is keeping its job sites down as well as Telstra. Karen Cariss said to Financial Review that after the tragedy arose they have hired independent security specialists Hivnit which brought together a multidisciplinary team, including the Australian Cyber Security Centre (ACSC), Computer Emergency Response Team, Joint Cyber Security Centre, Australian Federal Police, IDCARE, and digital forensic business Klein & Co.
Lessons Learnt from PageUp
“Ultimately, the aim of the regulators, our clients and ourselves are aligned – to notify potentially affected individuals as soon as possible. We are currently working with our clients to support any potentially impacted individuals,” Carissa reported to Financial review.
Organisations need to look at their own systems and make sure to have plans in place to deal with a cyber malware incident.
PageUp’s security issue was caught quite early on, it is important for security analysts to be vigilant of any minor discrepancies in their data sets.
You could be next!
The incident did not just affect PageUp, it affected all their clients which included high net-worth clients like, Commonwealth Bank, Macquarie, Myer and the like. It was a ripple-effect that affected big players in the Australian economy.
the PageUp breach is a wake up call for all businesses using any software as a service to assess which business processes have been effectively outsourced as a result. They can then workaround how to come out of a data breach aftermath.
Learn from Angelene Falk (Acting Australian Information Commissioner and Acting Privacy Commissioner), Jason Holandsjo (Chief Compliance & Privacy Officer, Telstra) and other Canons in the Securities Sector at the Data Privacy & Protection Conference on the 11-12 th of September.