City To Bay Fun Run
| Primary URL | Location | Industry | citytobay[.]com[.]au |
Country
Australia
|
Hospitality & Leisure
|
|---|
Profile
City To Bay Fun Run, also referred to as City‑Bay Fun Run, is an organisation that organises a fun‑run event held in Australia. The event offers a course that starts in the city area and finishes at a nearby bay, providing a scenic route for runners and walkers. Participants interested in taking part must register through the organisation’s official website, where they provide personal information. The registration form collects details such as the participant’s full name, email address and, optionally, a telephone number. According to the description of the 2014 security incident, approximately 12,000 individuals had their data stored in the system at the time of the breach. This figure indicates the scale of the organisation’s participant base and the volume of personal data managed via its online platform. No financial information was stored on the system, as the organisers explicitly noted that payment details were not kept. The organisation’s core service is therefore the administration of participant registrations and the logistical support required to stage the fun‑run.
On 11 August 2014 an unauthorised individual potentially accessed the personal data of those roughly 12,000 registrants, leading to a police investigation. The breach may have exposed names, email addresses and some phone numbers, although no financial data was compromised because none was stored. In response, the event organisers immediately suspended online entries and disabled the affected portion of the website to prevent further access. They collaborated with law‑enforcement officials to investigate the incident while also communicating with participants about the potential exposure. Participants were advised to change their website passwords and to update any credentials that they had reused on other online services. The organisers emphasised that they were reviewing and strengthening their information‑security practices before restoring full functionality for the upcoming event. No information about the organisation’s ownership, parent company or subsidiary relationships is disclosed in the available sources. Consequently, the available profile is limited to the confirmed facts concerning the event’s purpose, scale, the 2014 breach and the subsequent security actions taken.
