Select Page

Incident: Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols | ABC News Australia

Incident: Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols | ABC News Australia

Australian Data Breach Incident, 30 May 2022

Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols

Contractor said to have sent classified documents to his personal email address was allowed to work in another federal government department after the cybersecurity breach

Source: Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols | ABC News Australia

Related incidents from Australian Department of Home Affairs and the Australian Government.

A Department of Home Affairs (DHA) contractor suspected of illegally sending classified documents to an unsecured location was allowed to continue working in the public service.

The man is alleged to have stripped the “classified” status from files relating to 500 departmental projects, before forwarding them to his personal email address to access at home.

A figure familiar with the “serious” breach of security protocols told the ABC the contractor removed the classification ratings from documents so his actions did not trigger an internal departmental alert system.

One of the man’s former colleagues says he held a NV1 (negative vetting level 1) security clearance, which allowed him ongoing access to view secret documents, in addition to temporary, supervised access to top-secret information.

His unauthorised activity is believed to have taken place from as early as 2020 until the man’s contract ceased in June 2021, and to have involved projects across the Home Affairs portfolio, including Australian Border Force data.

The Department of Home Affairs then referred the case to the Australian Government Security Vetting Agency (AGSVA), which is the central vetting agency for the Australian Government and conducts security clearance assessments.

The man was later hired for contract work with another large federal government department on project management, despite several former colleagues within DHA’s intelligence branch declining to provide personal references.

Altering Commonwealth records without approval is a breach of the Commonwealth Crimes Act and a breach of the Department of Home Affairs’ internal security instructions

 


About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

* indicates required


Shares
Share This