The addresses of defence sites, a missile maintenance unit and domestic violence shelters were among the 500,000 addresses leaked by mistake. This is the first major breach of the New South Wales government’s huge store of QR code data.
Premier Dominic Perrottet said the information was uploaded in error and “shouldn’t have happened”. The mistake has alarmed both privacy advocates and women’s safety advocates.
Cybersecurity experts have long warned the huge amount of data being collected by governments through QR code systems was vulnerable to security breaches, data fraud and hacking.
Technology specialist Skeeve Stevens discovered the locations, collected by the NSW Department of Customer Service when businesses and organisations registered as COVID-safe to access a QR code for staff and customers to check in, on a NSW data website in September.