The Australian Competition and Consumer Commission's CIO, Adrian Walkden, has issued an apology to subscribers of ACCC email lists. The organisation discovered late last week that the email addresses of subscribers to a number of its information alert services were publicly accessible online.
"They were not indexed by search engines or linked from a web page on our sites. They could only be found if specific URLs were tried," said an email signed by Walkden and sent to subscribers of the affected services today.
"The ACCC resolved this issue as soon as it became of aware of it," the email states.
"As you have subscribed to an alert on one of the affected websites, we are informing you that your email address may have been publicly available from our website if an intentional attempt was made to access it."
Last week the watchdog organisation said it was "not clear" how many users were affected by the privacy breach.
The ACCC reported the issue to the Office of the Australian Information Commissioner (OAIC). "The OAIC is considering this information to determine if any further action is required," an OAIC spokesperson said last week.
Today's mass email including a warning that there was a danger that the leaked subscriber list may be exploited.
"Scammers may send emails purporting to be from the ACCC in attempts to gain personal or financial information," the email stated.
"If you have any doubts about an email's source, verify the sender by independent means - use their official contact details to check the email is legitimate before clicking on links or opening attachments."
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.