The Australian Human Rights Commission (AHRC) experienced a data breach caused by the inadvertent public exposure of sensitive attachments submitted through its online complaint form. The incident affected personal information of individuals who uploaded documents between March 24, 2025, and April 10, 2025, with some documents being accessed through search engines like Google or Bing.
Affected: Australian Human Rights Commission, individuals who submitted complaint attachments or nominations during the specified periods.
Affected: Australian Human Rights Commission, individuals who submitted complaint attachments or nominations during the specified periods.
Keypoints
- The breach involved the accidental online exposure of sensitive document attachments submitted via the AHRCβs webform.
- Personal data such as names, addresses, contact details, health, education, and religious information were exposed.
- Around 670 documents were identified as potentially accessible, with approximately 100 accessed by search engines.
- The incident impacted individuals submitting complaints, nominations, or concept papers between 2021 and 2025.
- AHRC is actively working to remove documents from search engines and notify affected individuals and authorities.
Read More: https://www.securityweek.com/australian-human-rights-commission-discloses-data-breach/