Private Myki data successfully hacked by academic
The data of more than 15 million Myki cards has been successfully hacked by a university lecturer and his team after it was made available to the public for a competition.
Public Transport Victoria offered a redacted version of its Myki touch-on and touch-off events to a “datathon” event.
Dr Chris Culnane from the University of Melbourne was able to wade through the information to find his own card as well as those who had posted about their public transport trips on social media.
“Unfortunately is looks like they didn’t consider the full privacy impacts of releasing such a detailed data set about Myki touch-ons and touch-off events,” he said.
“We downloaded it and then we were able to find ourselves within that data-set.”
Dr Culnane said it was timely reminder to be cautious about what data we are sharing.
“We should certainly be aware that the businesses we share our data with view our data as being a source of income for them.
“They’re going to be trying to harvest that as much as they can and to process i,t and use it for profiling, both to improve predictions of what you might buy but also for other predictions around financial services.”
Click PLAY to hear the interview below