The New Zealand Police have admitted a potential data breach on its online notification platform set up to buyback firearms.
The issue came into light after a dealer reported to the Police that he was able to see all firearm owners’ details on the gun buyback program website. The Deputy Commissioner of Police Mike Clement confirmed that they were notified about the breach by the dealer.
The details of around 37,000 firearm owners, including the guns they possess, and bank account information were accessible, the Council of Licensed Firearms Owners (Colfo) stated.
Under the firearm buy-back program, the government provides an opportunity for the citizens to let the police know their prohibited firearm possessions anonymously and exchange them for cash.
What Happened?
The online notification platform is maintained by a German-based software company SAP. The company stated that a new security profile was incorrectly provisioned in the platform due to a human error.
“We unreservedly apologize to New Zealand Police and the citizens of New Zealand for this error. A full internal investigation is already underway within SAP,” the company said in a statement.
It’s said that users were able to screenshot and download information related to other firearm owners. Security pros opined that criminal elements could have accessed the firearm owner’s information before the authorities found the breach.
The Police authorities stated that they’ve launched an investigation to identify how many people accessed the personal details of the gun owners in the incident.
Meanwhile, the Gun buybacks program is continuing using manual processes. The Police stated that the platform will remain offline until SAP ensures its security. The officials also urged affected citizens to monitor their bank accounts to find out any unusual transactions.
Just Another String
Earlier, the New Zealand Treasury office was hit with a cybersecurity scandal. It’s reported that hackers tried to infiltrate the documents of the upcoming budget, which has also been called the “wellbeing budget”.
The budget has been the limelight for being a bill that has been one of the first in the world where the wellbeing of citizens of New Zealand has been kept at the top-most priority. Two days before the document was scheduled to be released, the Treasury office found out that the systems were hacked with over 2,000 attempts recorded in a 48-hour period. The New Zealand police have been alerted over the incident that has occurred in the parliament, and investigations have begun into the incident.
