Full Report
Ry Crozier brings us today’s installment of the “No Need to Hack When It’s Leaking” Files The victims of the breach are applicants to the Northern Rivers Resilient Homes Program, under which the government is offering to either buy back flood-prone homes, contribute to the cost of rebuilding, or to improve resilience such as by elevating... Source
Analysis Summary
# Incident Report: Unauthorized Data Upload to ChatGPT by NSW Contractor
## Executive Summary
A contractor working on the New South Wales (NSW) Resilient Homes Program inadvertently uploaded an Excel spreadsheet containing sensitive data of flood victims to the public ChatGPT service. The incident occurred between March 12 and 15, 2025, and was officially disclosed significantly later. The core issue was a human error involving the misuse of an external, unapproved AI tool for processing sensitive governmental data.
## Incident Details
- **Discovery Date:** October 6, 2025 (Date of public disclosure by media/authorities)
- **Incident Date:** March 12 to March 15, 2025
- **Affected Organization:** NSW Reconstruction Authority (via a contractor)
- **Sector:** Government Sector (Post-Disaster Recovery Program)
- **Geography:** New South Wales (NSW), Australia
## Timeline of Events
### Initial Access
- **Date/Time:** March 12 - 15, 2025
- **Vector:** Unsanctioned use of a third-party cloud service (ChatGPT) by a contractor.
- **Details:** A contractor processing data related to the Resilient Homes Program (established after the 2022 floods) uploaded an Excel spreadsheet containing victim data to ChatGPT. This upload was unauthorized.
### Lateral Movement
- **Details:** No evidence of network intrusion or traditional lateral movement was reported; the incident was caused by data exposure via an external SaaS platform.
### Data Exfiltration/Impact
- **Details:** Sensitive data belonging to applicants of the Resilient Homes Program (which involves decisions on home buy-backs, rebuilding costs, or resilience improvements) was exposed to OpenAI's systems via the ChatGPT upload.
### Detection & Response
- **How it was discovered:** The article implies the breach was disclosed on October 6, 2025, following a formal breach notice from the NSW Reconstruction Authority after the event occurred six months prior.
- **Response actions taken:** The NSW Reconstruction Authority issued a breach notice regarding the event. (Specific internal response details are not provided in the text.)
## Attack Methodology
*Note: This was an insider/human error incident, not a malicious external cyberattack. The methodology reflects the *exposure vector*.*
- **Initial Access:** Direct manual upload by an authorized user (contractor).
- **Persistence:** Not applicable (No persistent threat actor access).
- **Privilege Escalation:** Not applicable.
- **Defense Evasion:** Not applicable; the threat bypassed standard security controls due to authorized user action.
- **Credential Access:** Not applicable.
- **Discovery:** Not applicable from an attacker perspective.
- **Lateral Movement:** Not applicable.
- **Collection:** Data gathered internally by the entity responsible for the program.
- **Exfiltration:** Data uploaded to an external, untrusted third-party AI service (ChatGPT).
- **Impact:** Unauthorized disclosure of Personally Identifiable Information (PII) of disaster victims.
## Impact Assessment
- **Financial:** Not specified, but potential costs related to compliance, notification, and remediation efforts.
- **Data Breach:** PII belonging to applicants of the Resilient Homes Program (those affected by 2022 floods). The specific volume or exact fields were not detailed beyond being an Excel spreadsheet.
- **Operational:** Disruption to trust in the handling of sensitive recovery program data.
- **Reputational:** Significant negative impact on the public standing of the NSW Reconstruction Authority and NSW Government due to the exposure of vulnerable citizens' data via a public AI tool.
## Indicators of Compromise
- **Network indicators - defanged:** None explicitly mentioned (as it involved a direct upload to OpenAI). Potentially, outbound traffic logs to `api. openai. com` or related ChatGPT domains from contractor workstations during the specified window could serve as indicators if monitoring was in place.
- **File indicators:** Upload of the specific Excel spreadsheet containing victim data.
- **Behavioral indicators:** Unauthorized input of sensitive government data into unapproved cloud services/AI platforms by a contractor.
## Response Actions
- **Containment measures:** Implied immediate cessation of the contractor's access or instruction to cease using ChatGPT for work purposes (though the data was already committed).
- **Eradication steps:** Unknown, but likely involved assessing how OpenAI handles data submitted via their public interface and determining necessary data retraction/deletion requests.
- **Recovery actions:** Issuing formal breach notification to regulatory bodies and affected individuals.
## Lessons Learned
- **Key takeaways:** Reliance on third-party AI services without stringent security vetting introduces severe data leakage risks, especially for sensitive PII. There was a significant lapse in policy enforcement regarding data handling by contractors. The delay between occurrence (March) and public disclosure (October) is concerning.
- **What could have been done better:** Stronger Data Loss Prevention (DLP) policies prohibiting inputting sensitive data into generic large language models (LLMs) or external SaaS tools. Mandatory training for contractors specifically addressing LLM data security risks.
## Recommendations
- **Prevention measures for similar incidents:**
1. Implement technical controls (e.g., network filtering or DLP) to block or flag uploads containing known sensitive data types (e.g., government identifiers, named individuals) to unauthorized external cloud storage/AI tools.
2. Mandate the use of vetted, secured enterprise AI platforms (if LLM usage is required) rather than consumer-grade services like public ChatGPT.
3. Review and enforce strict contractual obligations for all third-party contractors regarding data residency and use of third-party processing tools.