Portal flaw leads to some NDIS users losing money | iTWire

Australian Information Security Incident Reported: September 11 2018


A vulnerability in the service portal for the National Disability Insurance Scheme has allowed a number of providers to obtain personally identifiable information of users and steal money.

The flaw allowed any user or registered provider to gain access to random support pages for users by guessing a nine-digit plan number. Companies could then bill these users and receive payment right away.

In a statement, the National Disability Insurance Agency, the organisation running the scheme, said its Fraud Taskforce had identified “a small number of providers who may be seeking to exploit the NDIS”.

Source: iTWire – Portal flaw leads to some NDIS users losing money

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.