Image: wk1003mike — Shutterstock
CTARS, the makers of a cloud-based client management system used by the Australian National Disability Insurance Scheme (NDIS) as well as disability services, out of home care, and children’s services, has revealed it was breached on May 15 and found the data posted to the dark web a week later.
“Although we cannot confirm the details of all the data in the time available, to be extra careful we are treating any information held in our database as being compromised,” the company has said.
“This data includes documents containing personal information relating to our customers and their clients and carers.”
CTARS said it holds personal information of clients, staff carers, and third party suppliers.
“Due to the very large volume of information held by CTARS and the very lengthy time it would take to review in detail, we are unable to confirm exactly what personal information of yours was affected by the incident,” it added.
More forthcoming with the sort of information stored was Have I Been Pwned owner Troy Hunt, who has added the 12,000 impacted email address into the site.
“This includes information such as suicide attempts. Mental health issues. Drug