EMQ Registration Data Privacy Incident

Events Management Queensland (EMQ) has contained an issue where one individual’s registration confirmation was accessible on the internet. The information included a person’s full name, residential and email address and date of birth. It did NOT include passwords, payment card details, financial account details or identity document numbers.   

Since being notified of this issue, EMQ has reviewed and strengthened relevant safeguards to ensure participant data remains appropriately protected. This includes removing all personal information from confirmation pages and self-reporting the isolated incident to the Office of the Australian Information Commissioner (OAIC).  

As a matter of precaution, we are conducting a thorough review and investigation of all relevant systems and platforms to ensure any related issues are identified and addressed.  

For further information, please review the FAQs below or contact EMQ at support@emqevents.com.au. We will aim to respond within three business days. 

FAQs

Was my information involved?
EMQ has identified and directly contacted the individual affected by this incident. Based on our investigations to date, we do not believe any other individuals were affected. 

While our investigation is ongoing, there is currently no evidence of an eligible data breach or misuse of information. 

What information was involved?
The information involved included an individual’s full name, residential address, email address and date of birth. 

The information did not include passwords, payment card details, financial account details, identity document numbers, or any other financial information. 

Was financial information involved?
No. The affected confirmation pages did not contain passwords, payment card details, financial account details, or identity document numbers. 

What has EMQ done since the issue was reported?
We have removed personal information from the affected confirmation pages, addressed the issue, notified the OAIC, and commenced further security testing. 

What events were impacted?
The issue was related to a specific registration on the 2025 Gold Coast Marathon registration platform. The same set-up was used for the Pan Pacific Masters Games and Bridge to Brisbane registration systems.  

EMQ events that use other registration platforms were not affected by this issue. 

Do I need to do anything about this?
At this stage, no action is required on your part. 

In line with general online security practices, be cautious of unexpected emails, phone calls or text messages, particularly if someone uses personal information about you to appear legitimate. If you have concerns, you may wish to monitor your accounts for unusual activity or seek advice from IDCARE, Australia’s national identity and cyber support service. 

If you have reviewed these FAQs and still have questions or concerns about this incident, please contact EMQ at support@emqevents.com.au and we will endeavour to respond within three business days. 

Should I be worried about identity fraud?
At this stage, we are not aware of any misuse of personal information arising from this incident. Currently, there is no evidence of an eligible data breach. 

As a precaution, we encourage individuals to remain vigilant for unexpected communications. 

Who can I contact?
If you have reviewed these FAQs and still have questions or concerns about this incident, please contact EMQ at support@emqevents.com.au and we will endeavour to respond within three business days. 

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) via www.oaic/gov/au or on 1300 363 992.