Stay Smart Online is managed by Australia’s Computer Emergency Response Team (AusCERT) since 2008. In April 2012, when the contract expired, AusCERT sent the DBCDE a DVD containing the username, email addresses, password hashes and “memorable phrases” of 8,000 individuals via the country’s postal service.
However, the package never arrived at its destination, putting all those subscribers at risk.
The DBCDE believes that the chances for the information to be misused are slim, but they advise affected individuals to change their passwords in case they’re utilized on other websites as well.
According to TechEye, it's likely that the DVD hasn’t been sent via registered mail, which lead to the incident.
In the meantime, many have rushed to comment that this may be the “most embarrassing” data leak as far as government departments are concerned.