An IT security vulnerability found on all of News Corp's major metropolitan websites in Australia and uncovered by an IT security expert gave the expert the potential to access all of its newsletter subscribers' highly personal information, including their household income.

Other details found to have been exposed included an email subscriber's mobile number, year of birth, how many children they have, whether they are the household's main grocery buyer, their first and last name, postcode, occupation, interests, email address and gender. No credit card information or passwords were exposed.

One of News Corp's subscriber's information the security expert was able to access.

The information of anyone who had ever signed up to receive a News Corp metropolitan newspaper newsletter was available. Sydney's Daily Telegraph, Adelaide's Advertiser, Melbourne's Herald Sun, Brisbane's Courier Mail, Hobart's Mercury and The Australian all hosted subscriber information on the newsletter database found to contain the vulnerability.

A number of regional News Corp newspaper websites also used the same database.