…

FAQ: PageUp Data Breach

ASC has recently been made aware of unauthorised access to the PageUp software system which we use to manage our online recruitment activities. This was a widespread breach which has not only affected ASC, but all of PageUp’s customers. ASC takes privacy and data security seriously, so we recommend that any person who has applied online for a position with ASC read the following FAQs.

What is the issue?

PageUp issued a statement advising its customers that on May 23, 2018 it had detected unusual activity on its IT infrastructure and immediately launched a forensic investigation.

PageUp has since confirmed that its systems sustained unauthorised access and it had notified the Australian Privacy Commissioner of the eligible data breach.

How could I be impacted?

If you have applied online for a role with ASC, it is possible that your personal data may have been accessed as a result of the breach. We are sorry for any inconvenience or concern this may have caused.

PageUp have confirmed that the following kinds of personal information could have been involved: name, gender, date of birth, street address, email address, telephone numbers, employment experience, education information, salary expectations and whether job applicants were local residents at the time of the application.

For references included in job applications, PageUp have confirmed that personal information involved may include contact information (including name, email address, physical address and telephone number) and employment information at the time the reference was provided (including company, title, and the length of the relationship with the job applicant).

PageUp has also advised that they believe that the following has NOT been impacted:

  • Applicant resumes
  • Applicant covering letters

Whilst ASC is aware of the breach, we are unable to confirm whether or not any of our job applicants’ data has been specifically affected. Nor are we aware of any fraudulent activity relating to anyone’s data occurring as a result of the security breach.

What has ASC done in response to the PageUp incident?

Once we were made aware of PageUp’s system breach, ASC immediately suspended the use of PageUp's systems to process job applications to minimise any possible harm.

ASC has now been assured by PageUp that the system is safe to use.  That is, there are no further threats and further security measures have been implemented to help guard against a similar incident in the future. Based on these assurances, ASC has reactivated its PageUp account.

We will continue to seek information from PageUp about which (if any) candidates may have had their personal information compromised and will provide an update to those candidates who may be affected.

If I’m concerned about my data security, what should I do?

ASC recommends that you inform yourself on steps you can take by visiting the OAIC website and Stay Smart Online which offers some helpful advice on how to help you protect yourself online.

As the breach resulted in access to referee records, we recommend that you notify any referees who you submitted with your application that their personal information may have been accessed.

Who can I contact if I have further concerns?

If you are concerned that your data may have been compromised, you should contact the Office of the Australian Information Commissioner (OAIC). If you notice any unusual online activity related to your personal information can contact the Australian Cybercrime Online Reporting Network (ACORN).

For updates or more information regarding this issue please check the PageUp website. If you have any other concerns please contact ASC HR Team at human.resources@asc.com.au .

Back to top