Home
Our Services
Free resources
- Privacy Research
  Free to use data privacy research
  Key Capabilities
  Latest privacy news tracking
  Product versions
  Latest privacy news tracking
  Track the latest news, breaches and fines
  Key features
  Tracks the latest breaches and fines
  View by industry
  View by breach method
  View by privacy topic
  Links to original articles
  Free to use
  
  Learn more »
  Latest Threat Intelligence
  Product versions
  Latest Threat Intelligence
  Track the Common Vulnerability Exposures (CVEs)
  Key features
  Tracks the latest vulnerabilities
  View by company
  View by breach method
  Links to NVD
  Free to use
  
  Learn more »
  Breach modelling and ROI calculator
  Product versions
  Breach modelling and ROI calculator
  Model what a breach would look like for you in your industry and use this to calculate your return on investment
  Key features
  Model your breach
  Assess the severity
  Compare by industry
  Breakdown costs
  Export to your business plan
  Free to use
  
  Learn more »
Privacy news
Company
- About Us
- FAQ
- Contact Us

NSW gov contractor uploaded Excel spreadsheet of flood victims data to ChatGPT iTnews

pA former contractor to the NSW Reconstruction Authority uploaded an Excel spreadsheet with over 12000 rows of information to ChatGPT exposing up to 3000 peoples datappThe victims of the breach are applicants to the Northern Rivers Resilient Homes Program under which the government is offering to either buy back floodprone homes contribute to the cost of rebuilding or to improve resilience such as by elevating themppThe program was set up after the devastating 2022 floods in northern NSWppThe AIrelated data breach was disclosed on what is a public holiday Monday in NSW although it actually occurred over six months ago between March 12 and 15ppThe authority said in a breach notice that the upload was not authorised ppAnalysts at Cyber Security NSW have since been poring over the Excel file with the linebyline analysis so far finding up to 3000 peoples datappEvery row is being carefully reviewed to understand what information may have been compromised the authority saidppThis process has been complex and timeconsuming and we acknowledge that it has taken time to notify people ppOur focus has been on ensuring we had the right information to contact every impacted person accurately and completelyppIt added We expect the forensic analysis to be completed within the coming days This will give us a clearer understanding of the extent of the breach and the specific data involvedppSlow data breach disclosure is the bane of mandatory notification schemesppThe authority said that breached data included names and addresses email addresses phone numbers and some personal and health informationppIt said there is no evidence that any of the uploaded data has been accessed by a third party but this could be hard to monitor because public AI tools are uncontrolled environmentsppThe agency indicated it had put in place safeguards to prevent a recurrenceppWeve reviewed and strengthened our internal systems and processes and issued clear guidance to staff on the use of unauthorised AI platforms like ChatGPT it saidppSafeguards are now in place to prevent similar incidents in futurep

Read the original article 13 Oct 2025

Key Capabilities

Latest privacy news tracking

Latest Threat Intelligence

Breach modelling and ROI calculator

NSW gov contractor uploaded Excel spreadsheet of flood victims data to ChatGPT iTnews