200k NSW workers’ personal data leaked due to ‘human error’
Share
The personal data of up to 200,000 NSW workers have been leaked by the insurer organisation iCare, in an incident that has been chalked up to “human error”.
The NSW public insurer revealed that the ‘cost of claims’ details of 193,000 workers was sent to the wrong employer or broker last month.
The personal details would usually only be sent to an individual’s own employer. However, it was found that employers received a spreadsheet that contained the names, addresses, dates of birth and claims information of iCare customers.
A statement on iCare’s website acknowledged that a “privacy incident”, which occurred on the week of May 10, was caused by human error. This error then led to Employer Cost of Claims reports from April 2022 being issued to the wrong employer or broker.
“As soon as iCare was made aware of the incident, we took immediate action to rectify the matter,” the statement said.
The NSW insurer promptly contacted employers who received the details in error. The organisation is in the process of confirming that the private data has been deleted with help from the Privacy Commissioner of NSW and third-party IDCARE. The State Insurance Regulatory Authority has been notified of the incident.
“We are contacting individuals concerning the incident and the steps we have taken to ensure the security of their information,” iCare’s statement said.
“We have also commenced a comprehensive review of our systems and processes to ensure it does not happen again.”
Shadow Treasurer Daniel Mookhey called on the government to launch an independent investigation into the data leak, calling the size of the breach “frightening”.
“A leak this big demands nothing less than an independent investigation,” Treasurer Mookhey said.
“The 190,000 workers whose personal information iCare distributed far and wide deserve answers about why this happened.”
Labor’s industrial relations spokeswoman Sophie Cotsis said iCare needs to contact all the affected workers.
“A vague statement by iCare on its website doesn’t cut it,” she said.
“They need to know their privacy has been compromised. They might now have to take steps to protect themselves.”
With AAP
Eliza is a content producer and editor at Public Spectrum. She is an experienced writer on topics related to the government and to the public, as well as stories that uplift and improve the community.
Today’s Pick
11th Annual Aus Goverment Data Summit
April 1, 2025
7th Annual NZ Government Data Summit
May 7, 2025
3rd Public Sector Comms Week
May 14, 2025
Subscribe
We send emails,
but we do not spam
Join our mailing list to be on the front lines of healthcare , get exclusive content, and promos.
AI appointment Australia Australian boost boosts business businesses covid-19 cyber attack cybersecurity cyber security data data breach data management defence Digital employment enhance enhances fraud funding governance government grants Healthcare infrastructure Innovation Lockdown management new zealand NSW NZ online public Public Sector queensland renewable energy scams security Social Media Technology telecommunications victoria WA
Last Viewed