STA wishes to advise an amount of personal information gathered via its website has been accessible on the internet. This was brought to our attention by a member of the public, and we thank them for bringing this to our attention. The personal information was inadvertently exposed due to a website configuration issue. The issue did not arise due to an external actor or malicious event.
STA was notified of the public accessibility of these documents on Tuesday 1 October 2024, and we took immediate remedial steps to ensure that these files were no longer accessible. We can confirm that no other data has been compromised. We have also commenced a full review of the website platform data security and supporting processes.
STA is committed to the privacy of personal information entrusted to it. STA is assessing the full scope of materials potentially accessible before 1 October, and have contacted everyone we believe impacted.
Files potentially exposed were documents uploaded through our applications portal, primarily letters of support for applications and photos. The personal information contained in these documents will vary but may include contact information, gender and sexual identity, disclosure of any disability, racial or ethnic origin and a signature.
We are deeply disappointed that this incident occurred and wish to apologise to those affected.
