That is the finding of preliminary investigations into a data breach identified by Murray Irrigation Limited in December.
In an update, MIL said further investigations would take place, and Murray Irrigation has already taken significant steps to prevent future disclosures.
“Upon discovery of the disclosure, and as committed to in our initial communication to shareholders on December 19, Murray Irrigation has engaged specialist cybersecurity experts to conduct a full investigation to determine how it occurred, including the extent of any personal information impacted.
“To reiterate, this disclosure was not a result of a malicious attack or attempt to access information by an external threat actor.
“Murray Irrigation and our cybersecurity experts are satisfied there has been minimal exposure of the personal information that was unintentionally made visible.”
Murray Irrigation identified a data security incident on December 18 involving information held within the ArcGIS platform that is ordinarily confidentially and safely maintained.
“Some of this information was unintentionally made publicly available,” the company said.
“Importantly, this incident did not include payment information, bank account information, passwords, WEX data or A-account information.
“Upon discovery of the breach, Murray Irrigation immediately locked down the ArcGIS platform and can confirm landholder data is no longer available publicly on the ArcGIS platform.
“MIL will also engage an external investigator to review the circumstances and assist to design a plan to prevent this from happening again.”
The breach involved several categories of landholder information including land registration numbers, landholding areas in hectares, chemical-free status, customer numbers, names, postal addresses, phone numbers and email addresses, water account balances, customer flags, and works supervisor names with accompanying phone numbers.
ArcGIS is a geographic information system platform used to create, manage, analyse and map location-based data.
MIL uses this system to support delivery of its core services, with landholder information not ordinarily visible publicly.
While MIL is confident no personal details of landholders were downloaded, it still recommends all customers protect themselves from potential scams by taking the following steps:
• Be alert to any suspicious emails, SMS or telephone communications that are disguised to look like they come from someone you know or trust. Verify the legitimacy of communications by authenticating the sender. This includes checking email names and domains.
• Do not open links that look suspicious. If you are unsure about a link sent to you by a company, you should go to the company’s website and look for the product or service that was offered.
• Be alert to phishing scams. This could include scams that target you through post or email. Phishing scams are attempts by scammers to trick people into providing their personal information passwords, credit card numbers and/or sensitive personal information.
Landholders requiring assistance or clarification can contact MIL on 1300 138 265.
15°C