We are aware of a security incident with PageUp, a third party vendor that provided us with software services used as part of our recruitment process; between March 2015–May 2018.
PageUp has notified organisations, including Kathmandu that they have confirmed their IT infrastructure was accessed by an unauthorised person and that certain data sets in its IT infrastructure have been affected by the malware attack they identified on 23 May 2018.
PageUp has provided more information here.
Whilst we are still waiting for a response to confirm specific data and specific individuals impacted, amongst other information requests, we will be contacting all individuals who could have been affected.
PageUp have advised that forensic experts have identified that compromised data may be the following:
Kathmandu did not request the inclusion of references in applicant's information submission.
If the application was submitted for a reference check, then the referee's contact information (including name, email address, physical address, and telephone number) and employment information at the time the reference was provided (including company, title, and the length of the relationship with the applicant) are affected.
PageUp have advised that they are confident that the most critical data categories including resumes, financial information, tax file numbers and employment contracts are not affected in this incident.
Kathmandu is treating this matter very seriously and are taking all necessary action to protect the security of our applicant data. For this reason, we have ceased connectivity and processes between Kathmandu's systems and PageUp's systems and disabled all candidate upload access points to PageUp.
We recommend that anyone who has used our online recruitment system to check that there has been no unusual activity concerning their personal information. The Office of the Australian Information Commissioner (OAIC) provides guidance.
If you have any questions, you can contact us firstname.lastname@example.org or phone AU: 1800 79 75 74 or 03 968 6169.