An Australian teenager faces charges under the country’s cybercrime act after discovering – and reporting – “serious cyber-security weaknesses” within the Public Transport Victoria (PTV) systems, according to a recent article published by The Age website. According to the article, the 16-year-old from Melbourne, Joshua Rogers, “discovered an extensive database containing the personal details of public transport users in Victoria” – a large containment of personal data.
The article reports that Rogers – a self-identified ‘‘security researcher’’ - used “a common hacking technique” to gain access to the website, according to cybersecurity experts. After gaining access to the site and seeing the vulnerabilities, Rogers contacted PTV to alert them of this security issue on Thursday, December 26th, but, according to the article, “got no response until Monday” – December 30th.
Authorities, reportedly from the “e-crime squad“, began investigating this breach of security on Tuesday, December 31st, the article stated.
According to the report, Rogers discovered a database which contained “a large amount of personal data including full names, addresses, home and mobile phone numbers, email addresses, dates of birth, seniors card ID numbers“, and other personal information. A Victoria Police spokesperson was quoted in the article to say, ‘Victoria Police has received a report from Public Transport Victoria relating to the unauthorized access to their network. As the matter is currently under investigation we are not in a position to comment.” The report revealed that only weeks before this breach government departments were warned about being “woefully ill-equipped to combat cyber attacks.”
Read more about this breach of security, what could be the result for the young Joshua Rogers and how authorities plan on preparing for possible future security issues in the full article at The Age website.