IPA members hit by data breach

The Institute of Public Accountants (IPA) in Australia notified its members last week that a data breach exposed their names and member numbers due to a human error during an automated database process. IPA confirmed that no personal or sensitive information was compromised, limiting the breach to member identification details. The incident occurred as part of an automated process, which IPA disabled immediately after discovery. The organization worked with its technology partner to investigate the root cause and implement stronger controls to prevent future breaches. IPA CEO Andrew Conway stated that the breach was contained quickly and that safeguarding member data remains a priority. In a statement, Conway emphasized that the institute takes the matter seriously and has taken steps to reduce the risk of similar incidents. He apologized for the concern caused and assured members that their information was protected. The Affiliation for Business Resilience and Turnaround chair, Eddie Griffith, noted that IPA handled the breach appropriately through prompt disclosure and remediation. The breach underscores the risks of increased reliance on external software platforms, where human error remains a leading cause of data leaks globally. Despite the limited scope of the breach, IPA has reinforced its controls with its technology supplier to enhance data security moving forward.