By Bonny Burrows
In 2017, Cardinia Shire Council was in hot water with residents over the management of ratepayer finances following two software glitches.
The first incident, revealed in late February, involved a security breach which exposed ratepayers’ credit card details to council staff members.
The council confirmed that credit card information of about 300 Cardinia residents was emailed out with payment receipts on Monday 20 February due to a “software error” which did not encrypt card numbers as required by security standards.
Instead the receipts, sent to the affected ratepayers themselves, contained their full 16-digit credit card numbers.
The incident breached Payment Card Industry Data Security Standards (PCI DSS) which are designed to ensure that credit card information is maintained in a secure environment, and left the involved payment processer and the council at risk of financial penalties.
However, no fines were imposed.
The Gazette reported the council did not process payments internally but instead used internet company Bill Buddy to process its online Flexipay rates payments.
The council’s Manager of Customer Communications Todd Trimble said once the glitch was discovered officers “immediately contacted the third party payment gateway provider and resolved the error”.
In April another council blunder, which was widely speculated to have also been caused by Bill Buddy, saw ratepayers incorrectly slogged with fines for supposed missed payments.
A number of residents received a summons notice from debt collectors despite paying for or having rate payment plans in place, risking a default on their credit report.
The council did not comment on the April incident.
