2019 membership updates

Black Hawk

Debutant
Jun 11, 2004
141
331
Melbourne
AFL Club
Hawthorn
Other Teams
Renegades, Chiefs
I'm currently doing a training course re: personal info, and you'd be surprised the kinds of data stored on portable devices. Scary stuff.

Then you would know how important the security of sensitive personal information is. Especially when it's your members. What we have is a list of all of our names, addresses, contact numbers and dates of birth that has fallen into the wrong hands.

It's a major data breach. The email from the club confirms that.
 
Then you would know how important the security of sensitive personal information is. Especially when it's your members. What we have is a list of all of our names, addresses, contact numbers and dates of birth that has fallen into the wrong hands.

It's a major data breach. The email from the club confirms that.

This kind of thing happens on a regular basis. You’d love it not to, but it happens. You hear about it more now because data breach laws changed and organisations now have to communicate more when data breaches occurred. I’ve has several emails this year about similar issues.

When you consider that there are Medicare records for sale on the Internet - some dickhead car thief having a laptop he’ll probably sell to fund his meth addiction is really the shallow end of the pool here.
 

Black Hawk

Debutant
Jun 11, 2004
141
331
Melbourne
AFL Club
Hawthorn
Other Teams
Renegades, Chiefs
This kind of thing happens on a regular basis. You’d love it not to, but it happens. You hear about it more now because data breach laws changed and organisations now have to communicate more when data breaches occurred. I’ve has several emails this year about similar issues.

When you consider that there are Medicare records for sale on the Internet - some dickhead car thief having a laptop he’ll probably sell to fund his meth addiction is really the shallow end of the pool here.

You’re right it does happen a lot and the reporting requirements result in us hearing about it a lot more. I’m more concerned with the circumstances surrounding this breach. This breach occurred due the data being in a staff member’s unattended vehicle.

I’d like to hear the story as to why the data came to be in the unattended vehicle. No doubt the staff member involved has been hauled over the coals…or worse.
 

DEECEE

Premium Platinum
Aug 27, 2007
1,968
6,010
Hawthorn
AFL Club
Hawthorn
This is really bad...

Why was the data on the staff members portable device in the first place?

Did the spreadsheet contain all members?

What was the staff member doing with the data?

Is it standard practice for a staff member to have member data on their portable devices?

This 1000%, completely unacceptable. i work in an environment where data security is OTT, if an employee had a list like that copied to their device, let alone got it stolen. it would be pack up your desk stuff. HFC should probably get someone in for an audit and put some policies/training in place.

On a lighter note about work devices, a few jobs ago a colleague got his device stolen whilst entertaining clients at an "establishment" on king street. Needless to say, it had to be reported to work, and a stolen property report for the police. That absolutely spread like wildfire at the organisation. He didn't get fired, but he did leave. Poor fella, never let it down.
 
Apr 10, 2017
2,076
3,940
AFL Club
Hawthorn
Other Teams
Saints
This 1000%, completely unacceptable. i work in an environment where data security is OTT, if an employee had a list like that copied to their device, let alone got it stolen. it would be pack up your desk stuff. HFC should probably get someone in for an audit and put some policies/training in place.

On a lighter note about work devices, a few jobs ago a colleague got his device stolen whilst entertaining clients at an "establishment" on king street. Needless to say, it had to be reported to work, and a stolen property report for the police. That absolutely spread like wildfire at the organisation. He didn't get fired, but he did leave. Poor fella, never let it down.
I cant believe this isn’t front page news.
I have called them but no one answered... i am f&#ing furious. Sorry but unless there is a full investigation and heads roll, i am not renewing. Any chance of a repeat with the club is simply not acceptable.

I’m a CIO with more than 12 years in IT at the top level. Ive gone through audits, Ive implemented SOX controls, and know full well that no one should have a list like this on an un-encrypted computer. Our names are now public domain.
 

Black Hawk

Debutant
Jun 11, 2004
141
331
Melbourne
AFL Club
Hawthorn
Other Teams
Renegades, Chiefs
I cant believe this isn’t front page news.
I have called them but no one answered... i am f&#ing furious. Sorry but unless there is a full investigation and heads roll, i am not renewing. Any chance of a repeat with the club is simply not acceptable.

I’m a CIO with more than 12 years in IT at the top level. Ive gone through audits, Ive implemented SOX controls, and know full well that no one should have a list like this on an un-encrypted computer. Our names are now public domain.

They did say in the email "We are working with all our stakeholders to ensure all measures are taken to prevent this issue in the future."

I'm giving them another chance based on that but this can't be allowed to happen again. If they said the Chinese hacked our main frame or something similar then fair enough but sitting on the front seat of John or Mary's car doesn't cut it in this day and age.
 
You’re right it does happen a lot and the reporting requirements result in us hearing about it a lot more. I’m more concerned with the circumstances surrounding this breach. This breach occurred due the data being in a staff member’s unattended vehicle.

I’d like to hear the story as to why the data came to be in the unattended vehicle. No doubt the staff member involved has been hauled over the coals…or worse.

Again, it’s 2018. My laptop goes with me when I go home because I usually need to do a few hours work at home. If someone robs me of my backpack on the way home then my laptop will be in their possession. This would be the same scenario for many, many people. My laptop has been in a car multiple times also - especially when I’m on the road. I always make sure the car is locked and laptop hidden (as per policy). This guy probably took similar precautions - but if a dickhead breaks into your car and steals things that’s a sad reality of modern life.
 
Apr 10, 2017
2,076
3,940
AFL Club
Hawthorn
Other Teams
Saints
They did say in the email "We are working with all our stakeholders to ensure all measures are taken to prevent this issue in the future."

I'm giving them another chance based on that but this can't be allowed to happen again. If they said the Chinese hacked our main frame or something similar then fair enough but sitting on the front seat of John or Mary's car doesn't cut it in this day and age.
Totally agree on your scenarios. Some things are super difficult and not possible to stop economically or practically. But an insecure computer in a car is insane.
I’d like to know what “Working with stakeholders” is ? I honestly doubt their ability to do anything at this stage. They should be calling every pawn shop, or calling every private eye in town to do it.
 

Black Hawk

Debutant
Jun 11, 2004
141
331
Melbourne
AFL Club
Hawthorn
Other Teams
Renegades, Chiefs
Just saw a new app pop up in the play store. It’s called ‘Sh1t on a Hawks Supporter’. It’s based on location so you can find Hawks supporters near to you when you're ready to do the deed. You can filter by gender or age and there’s even a birthday feature so you can do it to them on that special day…
 
Just saw a new app pop up in the play store. It’s called ‘Sh1t on a Hawks Supporter’. It’s based on location so you can find Hawks supporters near to you when you're ready to do the deed. You can filter by gender or age and there’s even a birthday feature so you can do it to them on that special day…
pics or it didn't happen
 

Carl Spackler

Club Legend
Jul 29, 2018
2,406
5,642
AFL Club
Hawthorn
Meh, it's nothing that people couldn't get from facebook or other sources anyway. The phonebook even.

If there were financial info, like CC numbers, then we would have something to worry about but home addresses are about as secret in the digital age as the recipe for egg nog.
 
Apr 10, 2017
2,076
3,940
AFL Club
Hawthorn
Other Teams
Saints
Meh, it's nothing that people couldn't get from facebook or other sources anyway. The phonebook even.

If there were financial info, like CC numbers, then we would have something to worry about but home addresses are about as secret in the digital age as the recipe for egg nog.
Nope - i would be happy if I only had to change my credit card numbers. Thats easy and the bank will cover me after i notify them.

Having name / address / phone(s) / dob and email is enough to steal an identity. For my kids too.

And i'm not in the phone book. Kind of stupid thing to do these days.
 

HawkSolo

Rookie
Aug 19, 2004
21
7
VIC
AFL Club
Hawthorn
Other Teams
Pacers
Just received this from HFC



Earlier this week, the Hawthorn Football Club was informed of the theft of a club staff member’s computer.

The device was stolen, amongst other items, from the staff member’s locked motor vehicle.

The computer, which is password protected, housed a spreadsheet containing member data. The data within the spreadsheet is not sensitive information and includes no financial details. The personal information in the spreadsheet consists of: name, member ID, street address, contact phone numbers, email address and date of birth.

It is important to stress that no financial information, credit card details or other personal details were included in the spreadsheet.

The computer was not club branded and could not have been visibly recognised as property of the Hawthorn Football Club. As mentioned above, it was also password protected. Although the computer has been stolen, there is no evidence that the thief, or any other unauthorised person, has been able to access the spreadsheet.

Taking a cautious approach, the club has notified the Office of the Australian Information Commissioner (OAIC) of the incident.

Whilst it is not possible for the club to determine whether your personal data may have been accessed without authorisation, we are providing you with this notice so that you can assess the possible consequences of this incident for you, if any, and take any steps that you decide may be necessary.

If you are concerned that your data may have been compromised, we suggest the following:

  • Enable multi‐factor authentication and other available security measures provided by your online services;
  • Be alert of potential phishing emails and telephone calls from anyone requesting your personal details and avoid opening attachments from unknown senders on any virtual platform;
  • Install or update anti‐virus software and keep it updated; and
  • Apply recommended software patches from operating system and software providers.
For general information about how you can you protect your data privacy, visit the Australian Competition and Consumer Commission website at www.scamwatch.gov.au.

For further steps you can take, we also recommend that you visit the Office of the Australian Information Commissioner's website at https://www.oaic.gov.au/individuals/data‐breach‐guidance.

We apologise for any inconvenience caused and assure you that the Hawthorn Football Club takes the security of your data very seriously. We are working with all our stakeholders to ensure all measures are taken to prevent this issue in the future.

We appreciate that you may have additional questions. If so, please contact us at privacy.officer@hawthornfc.com.au or phone 1300 042 957.

Yours sincerely,

Jeremy Millard
General Manager - Consumer Business

I'm a fairly passive member, much like on here, but I am absolutely filthy on this, particularly as I have my kids signed up, really not good enough, and I have let them know.

Unfortunately this may impact our memberships in the future
 

Black Hawk

Debutant
Jun 11, 2004
141
331
Melbourne
AFL Club
Hawthorn
Other Teams
Renegades, Chiefs
Meh, it's nothing that people couldn't get from facebook or other sources anyway. The phonebook even.

If there were financial info, like CC numbers, then we would have something to worry about but home addresses are about as secret in the digital age as the recipe for egg nog.

That's true and to be honest I'm not really concerned about my data being out there. But what about members like Jeff Kennett for example. Imagine if the thief is a miserable * supporter and decides to post Jeff's mobile number and home address somewhere.
 

Black Hawk

Debutant
Jun 11, 2004
141
331
Melbourne
AFL Club
Hawthorn
Other Teams
Renegades, Chiefs
I'm a fairly passive member, much like on here, but I am absolutely filthy on this, particularly as I have my kids signed up, really not good enough, and I have let them know.

Unfortunately this may impact our memberships in the future

It’s not good enough and it reflects so poorly on our dedicated membership team and IT manager Dean Westaway. In saying that, I have faith that we will put in place measures to stop it from happening again in the future. I hope that you have faith too, and that it won’t affect your or your family’s membership with this great club.
 
Apr 10, 2017
2,076
3,940
AFL Club
Hawthorn
Other Teams
Saints
It’s not good enough and it reflects so poorly on our dedicated membership team and IT manager Dean Westaway. In saying that, I have faith that we will put in place measures to stop it from happening again in the future. I hope that you have faith too, and that it won’t affect your or your family’s membership with this great club.
My faith will only be restored if/when i get a full explanation. One email is not enough.
 

Carl Spackler

Club Legend
Jul 29, 2018
2,406
5,642
AFL Club
Hawthorn
-PSpSg-d0oP9j5owOjxfTGjuA-hs-ISZK0rhCFQJVi1I6oS5AsElleOtdeSCyH23LRVyOGVxp_LT5xiZKYNfjuilVpxk3imaQZTpxViV=w500-h282-nc
 

offtherails9

Norm Smith Medallist
May 30, 2012
6,257
7,951
-
AFL Club
Hawthorn
Meh, it's nothing that people couldn't get from facebook or other sources anyway. The phonebook even.

If there were financial info, like CC numbers, then we would have something to worry about but home addresses are about as secret in the digital age as the recipe for egg nog.

Yeah, I'm pretty surprised (although it is good to know, whether it's legal or not) that the club even had to contact us about this. I would have thought it'd happen all the time. It's pretty boring info, PM me if you want my details.
 

tige19

Cancelled
10k Posts
Feb 13, 2003
21,724
24,129
AFL Club
Hawthorn
I'm a fairly passive member, much like on here, but I am absolutely filthy on this, particularly as I have my kids signed up, really not good enough, and I have let them know.

Unfortunately this may impact our memberships in the future

Are you serious? So there is a theft at the club, the clubs being transparent and you're threatening to leave your membership on the table? Pathetic
 
Not happy Jan, hope the person responsible gets his arse kicked. Why was the laptop with these important details left in the car, very irresponsible by the staff member.
 

HawkSolo

Rookie
Aug 19, 2004
21
7
VIC
AFL Club
Hawthorn
Other Teams
Pacers
Are you serious? So there is a theft at the club, the clubs being transparent and you're threatening to leave your membership on the table? Pathetic

Well, yes I’m serious, it is serious, and I have never threatened, I conveyed my concern and and have the right to dictate who has my family and my data, and did use the word ‘may’. As for the last part of this reply, I won’t respond.

By the way, the theft was not at the club, this is my main issue.
 
Back