back to article Aussie Emergency Warning Network hacked by rank amateurs

The operator of an Australian emergency warning service has denied that user information was breached after someone accessed its system to post “you've been hacked” messages. Over the weekend, people who were registered with EWN.com.au received messages that the system had been hacked. Those messages told users the hack …

  1. sanmigueelbeer Silver badge

    However, managing director Kerry Plowright said personal data wasn't breached.

    Amateurs!

    (A bit premature with the announcement that "personal data wasn't breached", do you think?)

    1. veti Silver badge

      Not if they don't store any. And I'm having a hard time imagining why they would.

      1. phuzz Silver badge

        I admit I've only just heard of the system in question, but if they send out SMSs then surely they hold people's phone numbers? I'm not sure how it works in Aus but here in GDPR-land a phone number is considered personal information.

        1. veti Silver badge

          In Australia, a phone number would be considered personal information if, and only if, it's associated with some other piece of data - such as a name, address, social security number or whatever - that could be used independently to identify the owner.

          Without that, it's just a number.

      2. Gritpype Thynne

        they store some or all of email, name, address, phone numbers - and a password to manage your "account".

        The address is to localise the warnings and also to confirm you are ratepayer for the sms service that I think is paid for by some local authorities.

        They also have a mobile phone tracking app to offer warnings localised to current position, or in my case, apparently to where I was in March 2017.

  2. Jonathon Green
    Trollface

    Ah, but....

    ...they never specified where the breach took place and if you take a wider view the message is quite likely factually correct. Somebody somewhere has almost certainly obtained access to personal data from somewhere, and somebody somewhere is almost certainly working to improve security on systems they know damn well are inadequately secured before they’re found out.

    I’m not suggesting that it’s necessarily what the culprits had in mind (or that they had anything other than “teh lulz” in mind for that matter) but receiving a spoof message like this through a mechanism operated as an official communication mechanism operated for and on behalf of a government, and which (even if it’s not holding personal data) one would expect to be secure against malicious or mischievous use really ought to make people think about how well secured other systems which do hold personal data are...

  3. rmason Silver badge

    Your data is safe!

    All your data is safe!!

    As safe as the alert system? Safer than that? Almost as safe?

  4. Little Mouse

    Disappointed.

    I was hoping for a device that warns me about Australians.

    I'll wait.

  5. adam payne Silver badge

    The messages read: “EWN has been hacked. Your personal data is not safe. Trying to fix the security issues,” and included a support email address.

    Translates to 'All your base are belong to us'.

  6. Flywheel Silver badge

    No back door needed then. I'm sure that won't stop them installing one, as a precaution. Think of the children!

  7. Jay Lenovo Silver badge
    Black Helicopters

    You're getting hacked, that's worthy of an EMS message

    At least the "nice" hacker in Australia notified everyone they were getting hacked.

    In contrast, Hawaii's EMS doesn't get hacked, but sends out false messages that missiles will be arriving.

  8. GnuTzu Bronze badge
    Joke

    Emergency, Emergency

    Emergency, Emergency: fake emergency notifications sent.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019