*UPDATE: Our online application system, PageUp, has recently been reinstated. We suspended our use of PageUp while it was investigating a security incident because confidentiality and security of employee and candidate data is important to us. We conducted a detailed review of the additional security measures that PageUp has implemented as a result of the investigation before deciding to reinstate its use.*
It has come to our attention that as a result of a recent security incident at PageUp, a vendor that provides certain recruitment-related information services to King & Wood Mallesons Australia, some of your personal details may have been accessed by an unauthorised person and possibly disclosed.
Who is potentially impacted?
You may be affected if you submitted a job application on our website from 2014 onward for a position in one of our Australian offices.
What has happened?
We have been advised that forensic investigations by PageUp have confirmed that an unauthorised person gained access to PageUp systems and personal data relating to clients, job applicants, references and PageUp employees.
How could I be impacted?
PageUp’s forensic experts have identified that compromised data may include:
- Contact details including name, email address, physical address, and telephone number
- Biographical details including gender, date of birth, and maiden name (if applicable), nationality, and whether the applicant was a local resident at the time of the application
- Employment details at the time of the application, including employment status, company and title. If the application was submitted for a reference check, then the following additional details may have been provided by the reference: technical skills, special skills, team size, length of tenure with company, reason for leaving that position (if applicable), and the length of relationship between the applicant and reference
Password data for applicants was protected using industry best practice techniques, including hashing and salting and therefore evaluated as a very low risk.
Importantly, PageUp has advised that it is confident that the most critical data categories, including resumes and Australian tax file numbers, are not affected in this incident.
Are King & Wood Mallesons’ systems safe to use?
The incident was contained at PageUp, and no King & Wood Mallesons systems were affected in this incident.
Where should I go for more information?
Applicants and employees with specific concerns should contact us at email@example.com.
For general information about how you can you protect your data privacy, visit the Office of the Australian Information Commissioner website at www.oaic.gov.au.
What should I do?
If you are concerned your data may have been accessed by an unauthorised party, we advise you perform the following good security practices:
- Change your passwords on other online services, if you re-use the same password
- Enable multi-factor authentication and other available security measures provided by your other online services
- Be aware of potential phishing emails and telephone calls from businesses or institutions requesting your personal details. Avoid opening attachments from unknown senders via email or social media
- Install anti-virus software and keep it updated
- Apply all recommended software patches from operating system and software providers.
If you are concerned about your private information, please contact PageUp at firstname.lastname@example.org. If you are not satisfied with their response, you can contact the Australian Information Commissioner (OAIC) directly on at www.oaic.gov.au or on T: 1300 363 992.
View Hong Kong information.