Investigation reports

23 March 2018

MBS/PBS data publication Publication date: 23 March 2018Download the print versionExecutive summaryOn 1 August 2016, the Department of Health published on data.gov.au a collection of Medicare Benefits Schedule and Pharmaceutical Benefits Schedule related data. The data consisted of claims information for a 10% sample of people who had made a ...

7 August 2017

DonateBlood.com.au data breach (Australian Red Cross Blood Service) Publication date: 7 August 2017Download the print versionExecutive summaryThe Australian Red Cross Blood Service (Blood Service) website www.donateblood.com.au allows individuals to book appointments to donate blood.On 5 September 2016, a database file containing information relating to approximately 550,000 prospective blood donors who ...

7 August 2017

DonateBlood.com.au data breach (Precedent Communications Pty Ltd) Publication date: 7 August 2017Download the print versionExecutive summaryPrecedent Communications Pty Ltd (Precedent) managed the website www.donateblood.com.au for the Australian Red Cross Blood Service (the Blood Service).On 5 September 2016, a Precedent employee inadvertently saved a backup of a database file containing information ...

24 August 2016

Ashley Madison joint investigation Publication date: 24 August 2016Joint investigation of Ashley Madison by the Privacy Commissioner of Canada and the Australian Privacy Commissioner and Acting Australian Information CommissionerDownload the print versionSummary1 Avid Life Media Inc. (ALM)[1] is a company that operates a number of adult dating websites. The largest ...

1 June 2015

Adobe Systems Software Ireland Ltd: own motion investigation report Publication date: 1 June 2015OverviewOn 13 December 2013, the Australian Privacy Commissioner (the Commissioner) opened an own motion investigation into Adobe Systems Software Ireland Ltd (Adobe) following Adobe’s statement on its website that it had been the target of a cyber-attack ...

1 November 2014

Department of Immigration and Border Protection: own motion investigation report Publication date: 1 November 2014OverviewOn 21 February 2014, the Australian Information Commissioner opened an own motion investigation into the Department of Immigration and Border Protection (DIBP) following a media report that a database containing the personal information of approximately 10,000 ...

1 July 2014

Pound Road Medical Centre: own motion investigation report Publication date: 1 July 2014OverviewOn 13 December 2013, the Australian Privacy Commissioner (the Commissioner) opened an own motion investigation into Pound Road Medical Centre (PRMC). This was in response to media reports that there were boxes of unsecured medical records at 16 ...

1 June 2014

Cupid Media Pty Ltd: own motion investigation report Publication date: 1 June 2014OverviewCupid Media Pty Ltd (Cupid) operates over 35 niche dating websites based on personal profile including ethnicity, religion and location. On 13 December 2013, the Australian Privacy Commissioner (the Commissioner) opened an own motion investigation into Cupid. This ...

1 May 2014

Multicard Pty Ltd: own motion investigation report OverviewOn 11 February 2013, the Office of the Australian Information Commissioner (OAIC) opened an own motion investigation into Multicard Pty Ltd (Multicard). This was in response to information received from the Office of Transport Security (OTS) that personal information of a large number ...

1 March 2014

Telstra Corporation Limited: own motion investigation report (2014) Publication date: 1 March 2014OverviewOn 24 May 2013, the Australian Privacy Commissioner (the Commissioner) opened an own motion investigation into Telstra Corporation Limited (Telstra). This was in response to media allegations that personal information of Telstra customers was accessible online, which Telstra ...