A security breach of a cloud-based client management service provider, CTARS, used by the National Disability Insurance Scheme (NDIS) has exposed a “large volume” of health and other sensitive data.
An unauthorized third party gained access to its systems, exfiltrated a large volume of data, and posted a sample of that data on a [dark] web forum.
The data included documents containing personal information relating to its customers and their clients, including NDIS and carers.
The compromised information included details of the diagnoses, treatment, or recovery of a medical condition or disability.
CTARS engaged identity and cyber support service IDCare to help NDIS participants and providers, and OOHC participants and carers, navigate the data breach.
Source: https://www.itnews.com.au/news/ndis-case-management-system-provider-breached-580729
TPRM report: https://scoringcyber.rankiteo.com/company/ctars
"id": "cta33411822",
"linkid": "ctars",
"type": "Breach",
"date": "05/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"
{'affected_entities': [{'customers_affected': ['NDIS Participants',
                                               'Providers',
                                               'OOHC Participants',
                                               'Carers'],
                        'industry': 'Healthcare',
                        'name': 'CTARS',
                        'type': 'Service Provider'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'data_exfiltration': True,
                 'file_types_exposed': ['Documents'],
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Health Data']},
 'description': 'A security breach of a cloud-based client management service '
                'provider, CTARS, used by the National Disability Insurance '
                'Scheme (NDIS) has exposed a large volume of health and other '
                'sensitive data.',
 'impact': {'data_compromised': ['Personal Information', 'Health Data']},
 'references': [{'source': 'Cyber Incident Description'}],
 'response': {'third_party_assistance': ['IDCare']},
 'threat_actor': 'Unauthorized Third Party',
 'title': 'Data Breach at CTARS',
 'type': 'Data Breach'}