This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Northern Territory Health

Summary

Northern Territory Health accidentally leaked thousands of emails containing personal data of individuals who had registered for the territory's COVID-19 contact tracing app. The breach was caused by human error in email handling, exposing contact details publicly.

What Happened

In February 2021, NT Health mistakenly released thousands of email addresses in bulk email communications related to the COVID-19 contact tracing app. The emails were sent in a way that exposed recipient email addresses to all other recipients, violating privacy principles.

The error occurred during communications with people who had registered for or inquired about the NT's COVID app during the pandemic response efforts.

Impact on Individuals

The breach exposed email addresses and potentially phone numbers of thousands of Territorians who had engaged with the COVID app registration process. While the data exposure was limited to contact details, it created risks of spam and phishing attacks targeting individuals who had participated in public health measures.

Organisational Response

NT Health acknowledged the breach and faced criticism for what was described as "bordering on negligent" handling of personal data during a public health emergency. The incident occurred despite heightened privacy awareness during the pandemic when contact tracing systems were under intense scrutiny.

Verification Source: View original statement