Data Breach at Page Up and Notifiable Data Breach Scheme
VerifiedAdded on 2023/06/07
|9
|2118
|68
AI Summary
This report discusses the recent data breach at Page Up and the Notifiable Data Breach Scheme (NDB) in Australia. It covers the responsibility of organizations, ways of notifying, requirements, and the importance of NDB.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: INTRODUCTION TO INFORMATION SYSTEM
INTRODUCTION TO INFORMATION SYSTEM
Name of Student
Name of University
Author’s Note
INTRODUCTION TO INFORMATION SYSTEM
Name of Student
Name of University
Author’s Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1INTRODUCTION TO INFORMATION SYSTEM
Table of Contents
Introduction................................................................................................................................2
Discussion..................................................................................................................................2
Data Breach at Page Up.........................................................................................................2
Notifiable Data Breach Scheme (NDB).................................................................................3
Responsibility of organization...............................................................................................4
Ways of notifying...................................................................................................................4
Requirements..........................................................................................................................5
Conclusion..................................................................................................................................6
References..................................................................................................................................7
Table of Contents
Introduction................................................................................................................................2
Discussion..................................................................................................................................2
Data Breach at Page Up.........................................................................................................2
Notifiable Data Breach Scheme (NDB).................................................................................3
Responsibility of organization...............................................................................................4
Ways of notifying...................................................................................................................4
Requirements..........................................................................................................................5
Conclusion..................................................................................................................................6
References..................................................................................................................................7
2INTRODUCTION TO INFORMATION SYSTEM
Introduction
Data breach is a common activity that occurs when hackers try to steal data from the
system of an organization. Organizations invest a lump sum of money in securing their data
from data breaches because the database of an organization consists of numerous data
including confidential data regarding their operation and many more (Leonard and Principal
2018). Many companies have faced data breaches, a similar case would be discussed in this
report. A recent data breach took place in the company called Page Up that had affected the
Tasmanian University. This report would discuss regarding the case and then it would further
discuss about Notifiable Data Breach Scheme (NDB). At last the report discusses about the
responsibility of organization related the Federal Data Breach Notification Scheme.
Discussion
Data Breach at Page Up
Page UP is a $30 million company that had started in Melbourne. A data breach took
place in the company (Solomon 2017). The company said that the breach did not affect their
employment contracts, file numbers of tax, resumes and credit card data. Most of the data
exposed were the identities of employees or customers. Data such as names, email addresses,
street addresses, gender, telephone numbers and data related to that. These data were entered
in the system of the company by the job applicants. Details regarding referees as well as their
contact data were also exposed (Leonard and Principal 2018). It had been assumed that the
passwords used by the job applicants for applying for jobs might also have been seen by the
hackers (Abrahams and Griffin 2017). The breach had occurred during a similar attack that
took place in May in the IT system of PageUp in Australia as well as UK. PageUP has
notified its customers regarding the breach and in line with Notifiable Data Breaches Scheme,
Introduction
Data breach is a common activity that occurs when hackers try to steal data from the
system of an organization. Organizations invest a lump sum of money in securing their data
from data breaches because the database of an organization consists of numerous data
including confidential data regarding their operation and many more (Leonard and Principal
2018). Many companies have faced data breaches, a similar case would be discussed in this
report. A recent data breach took place in the company called Page Up that had affected the
Tasmanian University. This report would discuss regarding the case and then it would further
discuss about Notifiable Data Breach Scheme (NDB). At last the report discusses about the
responsibility of organization related the Federal Data Breach Notification Scheme.
Discussion
Data Breach at Page Up
Page UP is a $30 million company that had started in Melbourne. A data breach took
place in the company (Solomon 2017). The company said that the breach did not affect their
employment contracts, file numbers of tax, resumes and credit card data. Most of the data
exposed were the identities of employees or customers. Data such as names, email addresses,
street addresses, gender, telephone numbers and data related to that. These data were entered
in the system of the company by the job applicants. Details regarding referees as well as their
contact data were also exposed (Leonard and Principal 2018). It had been assumed that the
passwords used by the job applicants for applying for jobs might also have been seen by the
hackers (Abrahams and Griffin 2017). The breach had occurred during a similar attack that
took place in May in the IT system of PageUp in Australia as well as UK. PageUP has
notified its customers regarding the breach and in line with Notifiable Data Breaches Scheme,
3INTRODUCTION TO INFORMATION SYSTEM
the company had notified the office of Australian Information Commissioner. After around a
month of the data breach, the overall situation was unclear and the organizations did not have
an active and functioning site for recruitment. Most of them had to switch to SEEK or
LinkedIn for recruiting candidates.
Notifiable Data Breach Scheme (NDB)
Notifiable Data Breach Scheme is a type of scheme provided to organizations which
help them to secure their data and prevent data breaches. This act falls under privacy Act
1988 which is under Part3C (Dickinson 2018). As mentioned above, data breaches can prove
to be very dangerous for organizations as well as customers. The data stolen in the breach
might contain confidential information regarding the customers, employees and operational
activities of the organization. This Notifiable Data Breach Scheme helps the organizations to
be notified regarding numerous potential breaches (Abrahams and Griffin 2017). It also
provides the company knowledge of how they can handle the critical situation when data
breach has occurred. It detects the suspected breach and notifies the company regarding the
harms that it can cause (Johnston 2018). Data breach usually takes place when data is
mishandled such as data in the system of an organization is access by any unauthorized user,
the device of any user is lost and many more. One more important reason which causes data
breach is backdated systems and applications. The application used by an organization are not
updated very often, this give a path way to the hackers.
Notifiable Data Breach Scheme is very important for an organization because the
scheme helps them to act intellectually after a data breach occurs (Eckstein, Chalmers and
Critchley et al., 2018). It also provides the organization form any sort of data breach. When
the company is need to respond to the data breach, the scheme allows the transparency of the
company. The Notifiable Data Breach Scheme provides security to the data of companies in
the company had notified the office of Australian Information Commissioner. After around a
month of the data breach, the overall situation was unclear and the organizations did not have
an active and functioning site for recruitment. Most of them had to switch to SEEK or
LinkedIn for recruiting candidates.
Notifiable Data Breach Scheme (NDB)
Notifiable Data Breach Scheme is a type of scheme provided to organizations which
help them to secure their data and prevent data breaches. This act falls under privacy Act
1988 which is under Part3C (Dickinson 2018). As mentioned above, data breaches can prove
to be very dangerous for organizations as well as customers. The data stolen in the breach
might contain confidential information regarding the customers, employees and operational
activities of the organization. This Notifiable Data Breach Scheme helps the organizations to
be notified regarding numerous potential breaches (Abrahams and Griffin 2017). It also
provides the company knowledge of how they can handle the critical situation when data
breach has occurred. It detects the suspected breach and notifies the company regarding the
harms that it can cause (Johnston 2018). Data breach usually takes place when data is
mishandled such as data in the system of an organization is access by any unauthorized user,
the device of any user is lost and many more. One more important reason which causes data
breach is backdated systems and applications. The application used by an organization are not
updated very often, this give a path way to the hackers.
Notifiable Data Breach Scheme is very important for an organization because the
scheme helps them to act intellectually after a data breach occurs (Eckstein, Chalmers and
Critchley et al., 2018). It also provides the organization form any sort of data breach. When
the company is need to respond to the data breach, the scheme allows the transparency of the
company. The Notifiable Data Breach Scheme provides security to the data of companies in
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4INTRODUCTION TO INFORMATION SYSTEM
Australia (Eckstein, Chalmers and Critchley et al., 2018). Along with this, it also suggests
various steps that are to be followed by the organization in order to decrease the level of
damage caused by breach (Annetts 2018). As a result it is very important for a company to
take the help of Notifiable Data Breach Scheme.
Responsibility of organization
The university should adapt and use the benefits provided by Notifiable Data Breach
Scheme. This scheme provides service to the organizations that need to secure their data from
data breaches and want to get notified when they are attacked by hackers (Bird 2017). The
Notifiable Data Breach Scheme covers various areas such as Australian government agencies,
non-profit organizations, agencies, health care institutes, universities, businesses and many
more industries. Notifiable Data Breach Scheme notifies the organizations about the possible
data breaches. This scheme provides immense benefits to the organizations using them (Bird
2017). This is because it falls under the act of privacy of data. Besides this it also provides
recommendations that are to be followed in order to get rid of the data breach. The attack in
PageUp has affected many industries like Tasmanian University (Bird 2017). Notifiable Data
Breach Scheme is not able to notify the organizations regarding all the sort of data breaches
because there are many exceptional cases in data breaches. The responsibility of protecting
data lies to the organization (Bird 2017). If they do not secure their data any scheme would
not be able to help them to prevent data breaches.
Ways of notifying
The main aim of Notifiable Data Breach Scheme is to notify organizations regarding
the possible data breaches. Sending a notification is a very important step in order to get rid
of the breach (Brown 2017). The notification consists of information like
Description of the data breach
Australia (Eckstein, Chalmers and Critchley et al., 2018). Along with this, it also suggests
various steps that are to be followed by the organization in order to decrease the level of
damage caused by breach (Annetts 2018). As a result it is very important for a company to
take the help of Notifiable Data Breach Scheme.
Responsibility of organization
The university should adapt and use the benefits provided by Notifiable Data Breach
Scheme. This scheme provides service to the organizations that need to secure their data from
data breaches and want to get notified when they are attacked by hackers (Bird 2017). The
Notifiable Data Breach Scheme covers various areas such as Australian government agencies,
non-profit organizations, agencies, health care institutes, universities, businesses and many
more industries. Notifiable Data Breach Scheme notifies the organizations about the possible
data breaches. This scheme provides immense benefits to the organizations using them (Bird
2017). This is because it falls under the act of privacy of data. Besides this it also provides
recommendations that are to be followed in order to get rid of the data breach. The attack in
PageUp has affected many industries like Tasmanian University (Bird 2017). Notifiable Data
Breach Scheme is not able to notify the organizations regarding all the sort of data breaches
because there are many exceptional cases in data breaches. The responsibility of protecting
data lies to the organization (Bird 2017). If they do not secure their data any scheme would
not be able to help them to prevent data breaches.
Ways of notifying
The main aim of Notifiable Data Breach Scheme is to notify organizations regarding
the possible data breaches. Sending a notification is a very important step in order to get rid
of the breach (Brown 2017). The notification consists of information like
Description of the data breach
5INTRODUCTION TO INFORMATION SYSTEM
The data that are at risk
Identity and contact details of the organization
Recommendation regarding what should be done further.
It is important for all the employees to look after the data of organization. the
organization should take various steps to see privacy law and assess it.
Requirements
In order to use the benefits provided by Notifiable Data Breach Scheme the
organizations need to follow some steps. Some steps are as follows
Security audit has to be carried out in order to keep an eye on the information
(Daly 2018). In this audit, security of information is gathered for using it
further.
A data breach would be established in order to response the particular team of
the organization regarding the data breach.
Depending on the data breach, a plan has to be created which would be helpful
in responding to the breach (Daly 2018). Updating of the plan can be carried
out. In this particular stage, the employees of the company are provided
training about the responses that should be given when the company faces a
data breach.
In this step, the basic contracts would be properly reviewed along with
software providers of a third party.
For preventing the information to be lost in data breach, the organization must take
necessary measures. Employees should also contribute in this (Feary 2018). The organization
should access the data breach which is suspected. This data breach should then be mitigated
by applying various steps. Apart from this, the organization should also leave using certain
The data that are at risk
Identity and contact details of the organization
Recommendation regarding what should be done further.
It is important for all the employees to look after the data of organization. the
organization should take various steps to see privacy law and assess it.
Requirements
In order to use the benefits provided by Notifiable Data Breach Scheme the
organizations need to follow some steps. Some steps are as follows
Security audit has to be carried out in order to keep an eye on the information
(Daly 2018). In this audit, security of information is gathered for using it
further.
A data breach would be established in order to response the particular team of
the organization regarding the data breach.
Depending on the data breach, a plan has to be created which would be helpful
in responding to the breach (Daly 2018). Updating of the plan can be carried
out. In this particular stage, the employees of the company are provided
training about the responses that should be given when the company faces a
data breach.
In this step, the basic contracts would be properly reviewed along with
software providers of a third party.
For preventing the information to be lost in data breach, the organization must take
necessary measures. Employees should also contribute in this (Feary 2018). The organization
should access the data breach which is suspected. This data breach should then be mitigated
by applying various steps. Apart from this, the organization should also leave using certain
6INTRODUCTION TO INFORMATION SYSTEM
applications or measures that increase the chance of data breach. The organization should
ensure that they have saved their confidential data in a secured place which is out if the reach
of third parties (Feary 2018). Third parties that do not have the authentication to access the
data are harmful for the organization. In order to prevent any sort of vulnerabilities, the
organization should utilize their data in an efficient manner (Feltham 2017). Companies
should follow certain steps like using a proper firewall to prevent unauthorized users to get
access to the data, updating the systems as well as applications used by the organization for
various purposes and many more in order to secure their data. The database where all the data
is stored should be secured with necessary measures. The data breach would be successful
only if the target organization is affected and a huge amount of data has been stolen. Most of
the times, employees are allowed to access data with the help of their personal devices like
phones, laptops and tabs (Feltham 2017). These devices should be secured with proper
passwords and two-step verification. Two-step verification is a very effective method to
secure data.
Conclusion
From the above report, it can be concluded that Notifiable Data Breach Scheme has
been very helpful for various organization. The basic feature of Notifiable Data Breach
Scheme is to send notification to the organization regarding a data breach that took place or
has the possibility to occur. The report consists of various steps that the organization should
take place in order to use the scheme effectively. The requirements that the organizations
should have are also mentioned. The features mentioned in the notification sent by Notifiable
Data Breach Scheme have been mentioned.
applications or measures that increase the chance of data breach. The organization should
ensure that they have saved their confidential data in a secured place which is out if the reach
of third parties (Feary 2018). Third parties that do not have the authentication to access the
data are harmful for the organization. In order to prevent any sort of vulnerabilities, the
organization should utilize their data in an efficient manner (Feltham 2017). Companies
should follow certain steps like using a proper firewall to prevent unauthorized users to get
access to the data, updating the systems as well as applications used by the organization for
various purposes and many more in order to secure their data. The database where all the data
is stored should be secured with necessary measures. The data breach would be successful
only if the target organization is affected and a huge amount of data has been stolen. Most of
the times, employees are allowed to access data with the help of their personal devices like
phones, laptops and tabs (Feltham 2017). These devices should be secured with proper
passwords and two-step verification. Two-step verification is a very effective method to
secure data.
Conclusion
From the above report, it can be concluded that Notifiable Data Breach Scheme has
been very helpful for various organization. The basic feature of Notifiable Data Breach
Scheme is to send notification to the organization regarding a data breach that took place or
has the possibility to occur. The report consists of various steps that the organization should
take place in order to use the scheme effectively. The requirements that the organizations
should have are also mentioned. The features mentioned in the notification sent by Notifiable
Data Breach Scheme have been mentioned.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7INTRODUCTION TO INFORMATION SYSTEM
References
Abrahams, N. and Griffin, J., 2017. Privacy law: The end of a long road: Mandatory data
breach notification becomes law. LSJ: Law Society of NSW Journal, (32), p.76.
Annetts, D., 2018. Webwaves: Data protection. Preview, 2018(194), pp.38-38.
Bird, S., 2017. Mandatory notifiable data breaches. Good Practice, (12), p.26.
Brown, H., 2017. Privacy law and cyber security: Is your practice secure?: Client
confidentiality and data breach. LSJ: Law Society of NSW Journal, (39), p.88.
Daly, A., 2018. The introduction of data breach notification legislation in Australia: a
comparative view. Computer Law & Security Review, 34(3), pp.477-495.
Dickinson, C., 2018. No more cyber breach secrets. Journal (Real Estate Institute of New
South Wales), 69(2), p.28.
Eckstein, L., Chalmers, D., Critchley, C., Jeanneret, R., McWhirter, R., Nielsen, J., Otlowski,
M. and Nicol, D., 2018. Genomic data sharing: the Australian context. Human genetics, pp.1-
9.
Feary, G., 2018. Risk watch: Notifiable data breaches and the privacy act: Is your law
practice bound?. Bulletin (Law Society of South Australia), 40(2), p.21.
Feltham, M., 2017. Three things you need to know about cybersecurity and some recent
regulatory changes in Australia trends and special topics. Governance Directions, 69(3),
p.152.
Johnston, A., 2018. 2018: A year of significant changes to privacy law. LSJ: Law Society of
NSW Journal, (41), p.84.
References
Abrahams, N. and Griffin, J., 2017. Privacy law: The end of a long road: Mandatory data
breach notification becomes law. LSJ: Law Society of NSW Journal, (32), p.76.
Annetts, D., 2018. Webwaves: Data protection. Preview, 2018(194), pp.38-38.
Bird, S., 2017. Mandatory notifiable data breaches. Good Practice, (12), p.26.
Brown, H., 2017. Privacy law and cyber security: Is your practice secure?: Client
confidentiality and data breach. LSJ: Law Society of NSW Journal, (39), p.88.
Daly, A., 2018. The introduction of data breach notification legislation in Australia: a
comparative view. Computer Law & Security Review, 34(3), pp.477-495.
Dickinson, C., 2018. No more cyber breach secrets. Journal (Real Estate Institute of New
South Wales), 69(2), p.28.
Eckstein, L., Chalmers, D., Critchley, C., Jeanneret, R., McWhirter, R., Nielsen, J., Otlowski,
M. and Nicol, D., 2018. Genomic data sharing: the Australian context. Human genetics, pp.1-
9.
Feary, G., 2018. Risk watch: Notifiable data breaches and the privacy act: Is your law
practice bound?. Bulletin (Law Society of South Australia), 40(2), p.21.
Feltham, M., 2017. Three things you need to know about cybersecurity and some recent
regulatory changes in Australia trends and special topics. Governance Directions, 69(3),
p.152.
Johnston, A., 2018. 2018: A year of significant changes to privacy law. LSJ: Law Society of
NSW Journal, (41), p.84.
8INTRODUCTION TO INFORMATION SYSTEM
Leonard, P. and Principal, D.S., 2018. The new Australian Notifiable Data Breach Scheme.
Solomon, A., 2017. New mandatory data breach notification laws. Superfunds Magazine,
(428), p.16.
Leonard, P. and Principal, D.S., 2018. The new Australian Notifiable Data Breach Scheme.
Solomon, A., 2017. New mandatory data breach notification laws. Superfunds Magazine,
(428), p.16.
1 out of 9
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.