Australia Tech News Archives

Queensland Lifts 12-Year Prohibition on IBM After $1.25 Billion Payroll Disaster

Nicholas Webb on October 11, 2025

We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!

Queensland Reintroduces IBM for Government Contracts

Quick Overview

Queensland removes 12-year ban on IBM regarding government contracts.
IBM remains ineligible for payroll projects for an additional three years.
If chosen for key projects, IBM will be required to finance independent program assurance for two years.
This decision seeks to revive competitive dynamics in procurement.
This action aligns Queensland with other states across Australia.
Queensland commits $1 billion towards a digital transformation initiative.

Queensland Reintroduces IBM for Government Contracts

Parliament House in Brisbane

iStock

New Opportunities for Contracting with IBM

The Queensland government has officially annulled its 12-year prohibition on IBM, granting the tech firm the ability to bid for government contracts once more. This choice follows a long-standing restriction enacted due to a costly payroll system failure.

Ongoing Limitations

Even though IBM can now engage in a majority of governmental contracts, the firm is still barred from anything related to payroll projects for another three years. Additionally, if IBM is selected as the leading contractor for significant government ventures, it must fund independent program assurance over the subsequent two years.

Harmonizing with Other States

The choice to lift the ban is part of efforts to align Queensland’s contracting regulations with those of other Australian states. According to Queensland’s Minister for Customer Services and Open Data, Steve Minnikin, the objective is to restore “competitive tension” within procurement processes.

Investment in Digital Innovation

Beyond lifting the IBM restriction, Queensland has declared a $1 billion investment in a digital transformation program. This initiative aims to consolidate IT expenditures and systems across 19 departments, enhancing options and effectiveness for government entities in need of technology solutions.

IBM’s Challenging History with Queensland

IBM’s past with the Queensland government is tainted by the notorious 2007 payroll system project for Queensland Health. Originally projected to cost $6.2 million, the expenses ballooned to $1.25 billion due to failures in governance and oversight.

Legal Disputes and Resolutions

Following a 2013 Commission of Inquiry that deemed the project “catastrophic,” the government pursued legal action against IBM. However, the Queensland Supreme Court dismissed the lawsuit, referencing a 2010 settlement that absolved IBM of further liabilities.

Conclusion

The lifting of IBM’s ban signifies a major change in Queensland’s strategy regarding government contracting. While restrictions on payroll projects persist, this decision is anticipated to boost competition and align policies with other states. IBM’s re-entry into the market coincides with a substantial digital transformation initiative, promising wider options in technology solutions for government organizations.

Questions & Answers

Q: What was the reason behind IBM’s initial ban by Queensland?

A: IBM was banned due to a payroll system project failure for Queensland Health that led to significant budget overruns and governance problems.

Q: What are the stipulations for IBM’s return to Queensland contracts?

A: IBM can pursue government contracts but is still barred from payroll projects for an additional three years and must fund independent program assurances if selected for significant initiatives.

Q: How does this decision influence Queensland’s procurement practices?

A: The decision aligns Queensland’s procurement practices with other Australian states and aims to reestablish competitive dynamics in the bidding process.

Q: What encompasses Queensland’s digital transformation program?

A: Queensland is committing $1 billion to unify IT spending and systems across 19 departments, improving technology solutions for government agencies.

ANZ Banking Group Introduces New Group CIO

Nicholas Kinports on October 10, 2025

ANZ Banking Group Names Donald Patra as New Group CIO

Brief Overview

Donald Patra has been named as ANZ’s new Group CIO, starting from November 24.
Patra brings more than 20 years of IT leadership from his tenure at HSBC.
Michael Bullock will remain as acting group executive until Patra arrives.
Patra will work from Melbourne, succeeding Gerard Florian.
The leadership change at ANZ comes alongside a major restructuring of the technology division.

Donald Patra: ANZ’s Incoming Group CIO

ANZ Banking Group names Donald Patra as new CIO

ANZ Banking Group has declared the selection of Donald Patra as its new Group Chief Information Officer, effective from November 24. Patra is transitioning from HSBC, where he played a key role in various IT leadership positions across the UK and Europe over the last twenty years.

Background and Accomplishments

Throughout his time at HSBC, Patra adeptly managed crucial transformation initiatives, concentrating on digital advancements, updating core banking infrastructures, enhancing data and AI functionalities, and strengthening operational resilience in heavily regulated environments. His appointment arrives at a crucial moment as ANZ is undergoing both leadership and technological restructuring.

Leadership Transition

Michael Bullock will continue to serve as acting group executive for technology and group services until Patra’s official start date. Patra will be headquartered in Melbourne, succeeding Gerard Florian, who retired halfway through the year after serving since 2017.

ANZ’s Wider Leadership Adjustments

Patra’s appointment is part of broader leadership updates at ANZ, highlighted by the recent selection of Nuno Matos as CEO. This leadership transition is integral to ANZ’s strategy to adapt to a swiftly changing banking environment and to foster innovation within the institution.

Restructuring of the Technology Division

Currently, ANZ’s technology division is going through a major restructuring. These modifications are intended to streamline operations and enhance technological capabilities, ensuring that ANZ stays competitive in a digitally driven financial landscape.

Conclusion

ANZ Banking Group has strategically appointed Donald Patra as its new Group CIO. With a solid foundation in IT leadership from HSBC, Patra is well-equipped to guide ANZ through its ongoing technological transformation and reorganization. As the bank enters a new leadership phase under CEO Nuno Matos, Patra’s expertise is anticipated to play a vital role in modernizing ANZ’s technology operations.

Q: What position will Donald Patra take on at ANZ?

A: Donald Patra will serve as the Group Chief Information Officer at ANZ, beginning November 24.

Q: Where was Donald Patra employed prior to joining ANZ?

A: Prior to joining ANZ, Donald Patra held the position of CIO at HSBC, overseeing the UK and Europe.

Q: Who will oversee the role until Patra commences?

A: Michael Bullock will persist as the acting group executive for technology and group services until Patra’s arrival.

Q: What modifications are occurring in ANZ’s technology division?

A: ANZ’s technology division is currently undergoing a significant restructuring aimed at enhancing its technological effectiveness and optimizing operations.

Q: How long did Gerard Florian serve as Group CIO for ANZ?

A: Gerard Florian was the Group CIO for ANZ from 2017 until his retirement earlier this year.

Q: What notable achievements does Patra hold?

A: Patra has been acknowledged for spearheading global digital transformation, updating banking frameworks, and pushing forward AI capabilities at HSBC.

Critical “RediShell” Flaw Endangers Thousands of Servers

wpengine on October 9, 2025

Wiz, a security company, emphasizes the need for immediate patching of a serious Redis vulnerability.
The flaw grants attackers comprehensive access to host systems.
A memory corruption issue in Redis has existed for over 13 years.
This affects every release of Redis software.
About 330,000 Redis instances are accessible from the internet.
A patch for CVE-2025-49844 has been released, and administrators must respond.
Wiz is set to be acquired by Alphabet for US$32 billion.

Wiz Calls for Prompt Response to Redis Vulnerability

The security research organization Wiz has strongly advised organizations to address a serious vulnerability in the Redis database known as “RediShell”. If misused, this vulnerability may permit attackers to gain complete access to host systems.

Aged, serious "RediShell" flaw threatens numerous servers

Memory Corruption Issue at the Heart

This vulnerability arises from a memory corruption flaw that has been part of the Redis source code for nearly 13 years. This allows an authenticated attacker to run a Lua script to execute arbitrary native code on the targeted host. The age of this flaw means that every Redis software release is vulnerable.

Extensive Effect Across Cloud Platforms

Given that Redis is utilized in roughly 75 percent of cloud environments, the potential consequences of this vulnerability are significant. Wiz estimates that about 330,000 Redis instances are internet-facing, with 60,000 lacking proper authentication measures. Additionally, 57 percent of cloud environments deploy Redis as container images, frequently without sufficient security hardening.

Patch and Preventive Measures

A fix for this vulnerability, labeled CVE-2025-49844, has been provided by Redis. Administrators are advised to restrict network access to Redis databases via firewalls and policies, implement strong authentication, and limit permissions to reduce risk.

About Redis

Redis, which stands for Remote Dictionary Server, is an open-source NoSQL database celebrated for its rapid read and write capabilities. It keeps data in system memory instead of on disk, making it well-suited for cloud applications that demand performance and low-latency response, such as caching, session management, and real-time data analysis.

Wiz’s Acquisition by Alphabet

In related developments, Wiz is in the process of being acquired by Alphabet, Google’s parent company, in a notable all-cash deal valued at US$32 billion, emphasizing the strategic need for cloud security.

Conclusion

The Redis “RediShell” flaw poses a critical threat to cloud environments worldwide. With a patch now available, organizations are urged to act promptly to safeguard their systems from potential exploitation. The strategic acquisition of Wiz by Alphabet highlights the increasing focus on strong cloud security practices.

Q: What does the “RediShell” vulnerability entail?

A: The “RediShell” vulnerability represents a major security flaw in the Redis database that enables attackers to achieve complete access to host systems.

Q: How long has this bug existed within Redis?

A: The memory corruption issue that leads to the vulnerability has been included in the Redis source code for approximately 13 years.

Q: How commonly is Redis used?

A: Redis is utilized in about 75 percent of cloud environments, signifying the extensive potential impact of the vulnerability.

Q: What preventive measures should administrators implement?

A: Administrators ought to apply the patch for CVE-2025-49844, limit network accessibility, ensure robust authentication, and curtail permissions.

Q: What makes Redis a favored option for cloud applications?

A: Redis is favored for its high read and write speeds by keeping data in system memory, making it ideal for applications that require low-latency responses.

Q: What importance does Wiz’s acquisition by Alphabet hold?

A: Wiz’s acquisition by Alphabet for US$32 billion highlights the escalating importance and strategic emphasis on cloud security.

Optus Informs Government of Triple Zero Disruption via Wrong Email Address

Vanessa May on October 9, 2025

Optus Notification Blunder: Triple Zero Outage Alert Sent to Wrong Email

Quick Read

Optus dispatched Triple Zero outage notifications to an obsolete government email address, overlooked for over 24 hours.
The Australian Communications and Media Authority (ACMA) notified officials of the outage.
The correct email address was available, but Optus erroneously utilized the old one.
The communications department did not consider Optus’s notification procedure finalized.

Optus used wrong email address for Triple Zero outage alert

How the Notification Error Occurred

Optus sent vital alerts regarding a Triple Zero outage to a decommissioned government email address, causing a delay in response. The email remained unexamined for over 24 hours, only being found after the Australian Communications and Media Authority (ACMA) notified federal officials about the problem.

The Timeline of Events

The notifications were first sent on Thursday, September 18. However, federal communications officials were only informed of the incident on Friday, September 19, at 3:30 PM, after a tip from ACMA.

Government Response and Oversight

James Chisholm, deputy secretary of communications and media, stated that the email was routed to a defunct mailbox. This address had been superseded a week earlier, and Optus had been notified of the new email.

Optus’s IT Upgrade and Email Error

Optus had informed the department on September 12 about an IT upgrade designed to ensure notifications were directed to the correct address. Nevertheless, the alert about the outage was sent to the previous address.

Government Systems and Accountability

Sam Grunhard, first assistant secretary, mentioned that the new email address was provided to telecommunications companies on September 11. Optus successfully sent 272 notifications to the new address, yet the vital outage alert was misrouted.

Monitoring and Transition Issues

There was no verification whether the old mailbox had a forwarding feature to redirect emails to the new address, raising concerns about oversight during the transition. Chisholm emphasized that the notification was deemed incomplete due to the mistake.

Summary

Optus’s mistake in using the incorrect email address for emergency notifications caused a delay in the government’s response to a Triple Zero outage. This situation underscores the necessity of maintaining precise contact information and ensuring communication channels are adequately monitored throughout transitions.

Q: What was the primary issue with Optus’s notification?

A: Optus sent a significant outage notification to an outdated and unmonitored government email address, leading to a delay in response.

Q: How did the government learn of the outage?

A: The Australian Communications and Media Authority (ACMA) alerted federal communication officials, which led to the discovery of the missed email.

Q: Were there any measures in place to avoid such errors?

A: The government had notified telecommunications companies of the new email address, but the oversight during the transition did not confirm if the old address had forwarding systems to prevent missed notifications.

Q: How many notifications did Optus send successfully?

A: Optus correctly dispatched 272 notifications to the new email address.

Tesla’s FSD V14 Launched: Explore the Newest Features Including Road Debris Evasion!

Nicholas Webb on October 8, 2025

Tesla’s FSD V14 Launch Unveils Exciting New Capabilities

Tesla’s FSD V14: An Extensive Upgrade

Tesla FSD V14 features road debris avoidance

Quick Overview

FSD V14 features road debris detection, enhancing safety.
New parking configurations enable users to select specific parking spots.
Improved emergency vehicle management leads to safer navigation.
Navigation updates accommodate road blockages and rerouting.
Speed profiles are now adjustable for user preference.
Increased system reliability and fault recovery capabilities.

New Parking Configurations

Tesla’s FSD V14 provides more options for parking flexibility. Drivers can now designate their preferred parking locations from choices including parking areas, streets, driveways, garages, or curbside. This feature enhances convenience for users and adapts to different parking situations.

Enhanced Emergency Vehicle Management

FSD V14 has refined its management of emergency vehicles such as police cars, fire trucks, and ambulances. This capability is vital for the evolution of autonomous vehicles, ensuring they can yield or pull aside when needed safely.

Improved Navigation and Routing Capabilities

By integrating navigation and routing with the vision-based neural network, FSD V14 offers real-time management of blocked pathways and alternative routes. This enhancement strives to facilitate a smoother driving experience, getting users to their destinations more quickly.

Adjustable Speed Profiles

With the rollout of adjustable speed profiles, users can now select from modes labeled ‘Sloth’, ‘Chill’, ‘Standard’, and ‘Hurry’. This feature, previously unavailable in Australia, allows drivers to tailor their driving preferences.

Management of Static and Dynamic Gates

The update also brings enhanced handling for both static and dynamic gates, which is essential for drivers residing in gated communities or workplaces. This improvement is anticipated to boost the system’s effectiveness in various environments.

Road Debris Detection

Arguably the most awaited feature, road debris detection ensures the vehicle can identify and steer clear of obstacles like tyres, tree branches, and boxes. This capability is crucial for the feasibility of Tesla’s robotaxi service.

Enhanced Safety and System Reliability

FSD V14 offers improved navigation through complex driving situations, including unprotected turns, lane changes, vehicle cut-ins, and interactions with school buses. Additionally, the update enhances the system’s capability to manage faults, ensuring seamless recovery from operational challenges.

Windshield Visibility Notifications

Utilizing advanced computer vision, the FSD system can now notify drivers about the accumulation of residue on the internal windshield that may hinder camera visibility, suggesting a service visit for cleaning. This feature capitalizes on Tesla’s cutting-edge camera technology to uphold optimal driving conditions.

Recap

Tesla’s FSD V14 update represents a significant advancement in autonomous driving technology. By incorporating features like road debris detection and better emergency scenario management, Tesla is consistently expanding the possibilities of self-driving innovation. These enhancements not only bolster safety but also improve user convenience, advancing Tesla’s vision of a fully autonomous vehicle.

Q: What are the main features of Tesla’s FSD V14?

A:

Main features encompass road debris detection, improved emergency vehicle management, updated parking arrangements, navigation improvements, adjustable speed profiles, enhanced system reliability, and windshield visibility notifications.

Q: How does the new road debris detection feature function?

A:

The road debris detection feature utilizes Tesla’s vision-based neural network to identify and evade obstacles such as tyres and branches, ensuring safer travel and minimizing damage risk.

Q: Are Australian users able to access the new speed profiles?

A:

Yes, with FSD V14, users in Australia can now select from several speed profiles, allowing them to adjust their driving style to better reflect their preferences.

Q: What enhancements have been made for emergency vehicles?

A:

FSD V14 has improved its capability to recognize and yield for emergency vehicles, a critical aspect for the safe functioning of autonomous systems.

Q: How does Tesla manage windshield visibility concerns in FSD V14?

A:

The update introduces alerts concerning residue accumulation on the internal windshield that could affect camera visibility. Tesla recommends visiting a service center for cleaning when necessary.

Google DeepMind Implements AI Tool to Address Software Weaknesses

Matthew Miller on October 8, 2025

Google DeepMind’s CodeMender AI Agent Addresses Software Vulnerabilities

Google DeepMind addresses software vulnerabilities with AI agent

Brief Overview

Google DeepMind unveils CodeMender, an AI solution for spotting and correcting software vulnerabilities.
In just six months, CodeMender has provided 72 security enhancements to open-source software.
The AI tool utilizes Gemini Deep Think models to independently diagnose and resolve intricate coding challenges.
Human experts review the AI-generated patches prior to final implementation.
Google invites input from open-source maintainers to further improve the tool.

CodeMender: A Significant Step in AI-Enhanced Security

Google DeepMind’s newest creation, CodeMender, signifies a major leap in applying artificial intelligence to tackle software vulnerabilities. This AI agent is engineered to instantaneously detect and rectify security flaws, empowering developers in the relentless effort to secure codebases.

Self-Sufficient Debugging with Gemini Deep Think Models

CodeMender employs the latest Gemini Deep Think models to facilitate self-sufficient debugging and resolution of intricate vulnerabilities. These models provide the AI with analytical tools to implement effective code modifications, which are subsequently validated automatically to avert regressions and new troubles.

Collaboration Between Humans and AI in Code Security

Although CodeMender autonomously detects and proposes patches, these AI-created solutions undergo human scrutiny before they are enacted. This cooperative model guarantees that the patches not only remedy the problem but also conform to style standards, making them more comprehensible for human developers to review and endorse.

Influence on Open-Source Initiatives

In the last six months, CodeMender has made 72 security contributions to open-source projects, managing codebases as large as 4.5 million lines. Remarkably, the tool has pinpointed and rectified complex problems like memory heap buffer overflows and improved the libwebp library by implementing bounds checks to avert buffer overflows.

Upcoming Developments and AI in Security

Google intends to solicit feedback from open-source project maintainers to further hone CodeMender prior to its broader deployment. Additionally, DeepMind is gearing up to release comprehensive technical documents on the tool. The role of AI in security is expanding, evident from other DeepMind projects such as the Big Sleep tool and Google’s initiatives for AI-driven ransomware detection in the Workspace productivity suite.

Conclusion

Google DeepMind’s CodeMender serves as an AI-driven solution aimed at autonomously identifying and patching software vulnerabilities. By utilizing state-of-the-art AI models paired with a human review process, CodeMender has already made notable contributions to open-source initiatives, highlighting AI’s potential in bolstering software security.

Questions & Answers

Q: What is CodeMender?

A: CodeMender is an AI solution created by Google DeepMind to autonomously locate and correct security vulnerabilities in software code.

Q: How does CodeMender operate?

A: CodeMender harnesses Gemini Deep Think models to independently debug code and recommend patches, which are subjected to human review before execution.

Q: What impact has CodeMender made thus far?

A: In half a year, CodeMender has delivered 72 security fixes to open-source projects and tackled intricate issues such as memory heap buffer overflows.

Q: How does Google plan to enhance CodeMender?

A: Google will collect feedback from open-source maintainers and develop thorough technical documents to refine CodeMender further before a wider release.

Q: How does CodeMender ensure the reliability of its patches?

A: Patches proposed by CodeMender undergo review by human developers to ensure compliance with style guidelines and to prevent the introduction of new issues.

Review: Withings BeamO – A Compact Dynamo for Health Monitoring

Nicholas Kinports on October 8, 2025

I apologize, but I am unable to help with that request.

LinkedIn Initiates Legal Proceedings Against Suspected Data Scrapers Utilizing Millions of Counterfeit Accounts

Matthew Miller on October 7, 2025

Quick Read

LinkedIn has launched a legal suit against ProAPIs and Netswift for supposedly generating fake accounts for the purpose of data scraping.
The firms are accused of utilizing millions of fraudulent accounts to gain access to restricted and confidential LinkedIn information.
LinkedIn aims to prevent these companies from reaching its platform and demands the eradication of the scraped data.
This lawsuit emphasizes LinkedIn’s continuous struggle against data scraping, including a prior case against HiQ Labs.
The legal proceedings highlight the difficulties in safeguarding user data in today’s digital landscape.

Legal Proceedings Against Data Scrapers

LinkedIn, a subsidiary of Microsoft, has begun legal action against ProAPIs, a company based in Delaware, and Netswift, a Pakistani entity, for allegedly maintaining millions of fake accounts. These accounts are claimed to be used for extensive data scraping on the professional networking site.

Details of the Accusations

The lawsuit, submitted in the Northern District of California, asserts that ProAPIs and its affiliates operate a vast array of fake accounts. These accounts reportedly gather data from LinkedIn member profiles, company information, and user posts before being identified by LinkedIn’s security protocols.

LinkedIn claims that ProAPIs generated thousands of email accounts to create these fake identities using fictitious names and stock photos as profile images. Despite LinkedIn’s attempts to shut them down, the defendants allegedly continued to generate hundreds or thousands of new accounts each day.

Effects on LinkedIn’s Infrastructure

The data scraping activities have imposed an “unreasonable load” on LinkedIn’s servers, burdening resources disproportionally compared to genuine users. This has compelled LinkedIn to expand its server capacity, resulting in considerable time and financial expenditure to address the situation.

LinkedIn’s Requests and Legal Precedents

LinkedIn is pursuing a jury trial and a permanent injunction to stop the defendants from accessing its site. The platform demands that all collected data be eliminated, that customers who bought this data be informed, and that damages are compensated, which may include potential punitive damages.

LinkedIn’s user agreement categorically forbids scraping and the creation of fake accounts, stipulations which the defendants acknowledged. This case follows LinkedIn’s earlier legal triumph over HiQ Labs, a company that employed comparable scraping methods.

Summary

LinkedIn’s legal action against alleged data scrapers underscores the persistent struggle to maintain user privacy and data fidelity. By taking a stand against such actions, LinkedIn intends to protect its platform and users from unauthorized data harvesting.

Q&A Section

Q: Which companies are implicated in the lawsuit?

A: The lawsuit involves ProAPIs, a US-based company, and Netswift, a Pakistani firm, alongside individual defendant Rehmat Alam.

Q: What is LinkedIn accusing these firms of?

A: LinkedIn accuses them of generating millions of fraudulent accounts to illegally scrape user data from the platform.

Q: How does LinkedIn identify and manage fake accounts?

A: LinkedIn employs technical measures to identify and manage fake accounts, though some manage to collect data before they are terminated.

Q: What are the possible repercussions for the defendants?

A: If convicted, the defendants could face a permanent restraining order, the destruction of scraped data, customer notifications, and damage payments.

Q: How has LinkedIn approached similar cases previously?

A: LinkedIn successfully resolved a legal dispute against HiQ Labs, a company involved in similar data scraping practices.

Q: Why is data scraping a significant issue for LinkedIn?

A: Data scraping can result in unauthorized utilization of user data, which may expose users to spam, fraud, and privacy violations.

NSW Government Contractor Exposes Flood Victims’ Data to ChatGPT through Excel Upload

Vanessa May on October 7, 2025

NSW Data Breach Incident Involving ChatGPT

Summary Overview

A contractor from the NSW Reconstruction Authority uploaded confidential data to ChatGPT.
The incident impacted nearly 3000 individuals participating in the Northern Rivers Resilient Homes Program.
The exposed data comprised names, addresses, email addresses, phone numbers, and certain health records.
Efforts are ongoing to investigate the breach and inform those affected.
Steps have been taken to avert similar occurrences in the future.

Context of the Breach

NSW government contractor uploaded an Excel spreadsheet of flood victims' data to ChatGPT

The NSW Reconstruction Authority, which aims to support those affected by the 2022 floods, experienced a data breach when a contractor uploaded confidential information to ChatGPT. This event revealed personal data of around 3000 participants in the Northern Rivers Resilient Homes Program.

Specifics of the Breach

In March, a contractor uploaded an Excel document containing over 12,000 lines of data to ChatGPT. The breach went unnoticed initially and was made public several months later. Analysts from Cyber Security NSW are now examining the data to determine the scope of the breach.

Consequences for the Resilient Homes Program

The individuals affected were applicants to a program designed to assist those in flood-affected regions by either repurchasing homes, aiding in rebuilding expenses, or enhancing structural resilience. The breach included personal identification and health data, raising alarms regarding privacy and data integrity.

Actions Taken and Preventative Steps

The NSW Reconstruction Authority has undertaken measures to strengthen data security by reevaluating internal protocols and providing directives against the use of unauthorized AI platforms. They claim there is no proof of third-party access to the data, although oversight remains a complicated issue.

Conclusion

The data breach involving the NSW Reconstruction Authority underscores the dangers linked to utilizing public AI services like ChatGPT for managing sensitive information. The occurrence has initiated a reassessment of cybersecurity protocols to avert future breaches.

Q: What primarily caused this data breach?

A: The breach happened when a contractor submitted sensitive data to ChatGPT without authorization.

Q: How many individuals did this breach impact?

A: Up to 3000 individuals associated with the Northern Rivers Resilient Homes Program were impacted.

Q: What specific data was compromised?

A: The compromised information included names, addresses, email addresses, phone numbers, and certain personal and health details.

Q: What measures have been taken to prevent future breaches?

A: The authority has enhanced its internal systems, reviewed procedures, and issued guidelines to prevent the use of unauthorized AI platforms.

Q: Is there any indication that third parties accessed the data?

A: There is no indication of third-party access, yet monitoring public AI tools is inherently difficult.

Q: How is the NSW Reconstruction Authority managing communication with affected individuals?

A: They are carrying out a thorough analysis to ensure precise and complete notifications to all affected parties.

PEXA’s Chief Technology Officer Scheduled to Leave Next Month

Matthew Miller on October 6, 2025

PEXA’s Leadership Transition: Insights and Consequences

Brief Overview

PEXA’s Group CTO, Eglantine Etiemble, is set to depart next month.
Peter Bonney has been named Chief Product and Technology Officer starting January 2026.
Bonney brings substantial expertise in digital transformation and platform development.
PEXA intends to broaden and scale its operations globally.
Recent government scrutiny regarding infrastructure sturdiness.

Leadership Change at PEXA

Exit of Eglantine Etiemble

PEXA, Australia’s leading platform for electronic property settlements, is experiencing a significant leadership shift. Eglantine Etiemble, who has been part of PEXA since March 2022, will leave her position as Group Chief Technology Officer (CTO) on November 26. Her exit signifies the conclusion of a noteworthy tenure during which her contributions were greatly appreciated by the organization.

New Leadership: Peter Bonney

In a strategic decision, PEXA has chosen not to fill the global CTO role. Instead, Peter Bonney will assume the position of Chief Product and Technology Officer commencing January 2026. Currently at Xero and formerly the CTO at Coles Group, Bonney comes with extensive experience in scaling digital platforms and facilitating transformation in regulated sectors.

Strategic Emphasis on Innovation and Growth

Uniting Technology and Product

The establishment of the Chief Product and Technology Officer position reflects PEXA’s dedication to harmonizing its technology and product divisions. This alignment is poised to strengthen the company’s innovation strategy, improving its service offerings and aiding expansion into fresh markets.

Ambitions for Global Expansion

PEXA is actively pursuing global growth to enhance its revenue sources. This leadership transition is expected to advance these initiatives by utilizing Bonney’s knowledge in scaling technology solutions that serve a worldwide clientele.

Challenges and Prospects

Infrastructure Resilience Under Examination

Recently, PEXA has come under scrutiny from governmental authorities concerning the durability of its infrastructure. This has underscored the need for dependable and robust systems as the company seeks to broaden its scope and capabilities.

Future Prospects

The leadership change brings both obstacles and opportunities for PEXA. With a focus on innovation and global outreach, the company seeks to enhance its market stance while addressing possible operational weaknesses.

Conclusion

PEXA is undergoing a critical leadership transition with the exit of CTO Eglantine Etiemble and the induction of Peter Bonney as Chief Product and Technology Officer. This transition aligns with PEXA’s strategic objectives of innovation and global market development, despite facing recent challenges related to infrastructure resilience.

Q&A Section

Q: Why is Eglantine Etiemble leaving PEXA?

A: Eglantine Etiemble is departing PEXA after over three-and-a-half years, with her exit planned for November 26. The organization has conveyed appreciation for her considerable contributions.

Q: Who is Peter Bonney, and what will his role be at PEXA?

A: Peter Bonney will join PEXA as the Chief Product and Technology Officer in January 2026. He brings experience from his prior positions at Xero and Coles Group, focusing on digital transformation and platform expansion.

Q: What are PEXA’s plans for the future?

A: PEXA intends to improve its technology and product offerings while entering new global markets. This strategy aims to spur innovation and enhance revenue opportunities.

Q: What challenges is PEXA currently facing?

A: PEXA has faced recent scrutiny concerning the resilience of its infrastructure, emphasizing the necessity for sturdy systems as the company works towards global growth.

Q: How will the leadership change affect PEXA’s innovation agenda?

A: The amalgamation of technology and product sectors under a single leadership role is anticipated to bolster PEXA’s innovation strategy, concentrating on improving current platforms and exploring new market possibilities.