The Australian Red Cross Blood Service has apologized after a database backup file containing over one million donor records including highly sensitive information on sexual activity was exposed to the public. What comes with the breach is a partner published 1.74 GB mysqldump file to a publicly facing website with directory browsing enabled. Which means an unnamed researcher was able to find it at random using a simple IP address scan for publicly exposed web servers returning directory listings. The data included over 1.2 million records pertaining to 550,000 blood donor applicants. The information crucially included answers to highly sensitive question on whether the applicant had engaged in “at-risk” sexual behavior over the past year. According to the statement apologizing for the incident, the Blood Service has taken immediate action to resolve the problem and informed the police and Australian Information Commissioner. They have deleted all known copies of the data. It is unclear how long the data was left publicly available, but it contains info on donors who’ve registered between 2010 and 2016.
I think this will definitely affect people who want to donate blood and people who had donated blood before. I would not donate my blood for a while since it may leak my personal information publicly. So the blood donors in Australia will decrease for a time I believe. They need to prepare for it.