Baw Baw Shire Council reports data breach caused by third party
Learn More
Baw Baw Shire Council has notified residents of a data security breach involving OracleCMS, its after-hours service provider. OracleCMS is an Australian company that specializes in outsourcing and contact centre services and operates as the external service handling after-hours calls on behalf of the council, receiving calls on behalf of the Council and passing on messages.
The breach is specific to OracleCMS and does not involve Baw Baw Shire Council’s own systems or databases. The incident has exposed approximately 1,250 local contacts and calls made to Council from June 2014 to January 2016
The exposed data includes:
- Customer contact information
- Call notes
Per information from the council, the breach was limited to the information provided during the calls to the Council’s after-hours service.
Baw Baw Shire Council is actively contacting all affected residents to inform them of the breach. Notifications are being sent via SMS text messages, and elderly or vulnerable residents are receiving personal phone calls.
