The Freename Forum

The .au Domain Administration (auDA), administrator of the Australian country extension .au, has reported a significant data breach. Due to a software error, it was possible to view additional information about the domain holder that was no longer intended for publication and was contained in the WHOIS data record; the postal address, telephone and fax number are mentioned in a press release. However, this information was only accessible via developer tools available in web browsers; the normal visitor received no indication that they could access this information. Access has already been removed and users have been redirected to an alternative .au WHOIS tool. As auDA further reports, the data records of around 1,500 registered domains may have been affected, 800 of which are associated with registered companies. The company takes data protection seriously and apologizes for the unintentional disclosure of personal data. At no time was the WHOIS service offline or WHOIS availability affected by the software error. The Information Commissioner's Office and the Australian Cyber Security Center have also been notified of the incident. Anyone who would like further information can contact auDA by telephone.

Source: https://www.auda.org.au/news-insights/s ... e-records/