Select Page

Incident: Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols | ABC News Australia

Posted by | May 30, 2022 | , , , , , , | 0 |

Incident: Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols | ABC News Australia

Australian Data Breach Incident, 30 May 2022

Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols

Contractor said to have sent classified documents to his personal email address was allowed to work in another federal government department after the cybersecurity breach

Source: Hundreds of classified Home Affairs documents believed sent to unsecured address in ‘serious’ breach of security protocols | ABC News Australia

Related incidents from Australian Department of Home Affairs and the Australian Government.

A Department of Home Affairs (DHA) contractor suspected of illegally sending classified documents to an unsecured location was allowed to continue working in the public service.

The man is alleged to have stripped the “classified” status from files relating to 500 departmental projects, before forwarding them to his personal email address to access at home.

A figure familiar with the “serious” breach of security protocols told the ABC the contractor removed the classification ratings from documents so his actions did not trigger an internal departmental alert system.

One of the man’s former colleagues says he held a NV1 (negative vetting level 1) security clearance, which allowed him ongoing access to view secret documents, in addition to temporary, supervised access to top-secret information.

His unauthorised activity is believed to have taken place from as early as 2020 until the man’s contract ceased in June 2021, and to have involved projects across the Home Affairs portfolio, including Australian Border Force data.

The Department of Home Affairs then referred the case to the Australian Government Security Vetting Agency (AGSVA), which is the central vetting agency for the Australian Government and conducts security clearance assessments.

The man was later hired for contract work with another large federal government department on project management, despite several former colleagues within DHA’s intelligence branch declining to provide personal references.

Altering Commonwealth records without approval is a breach of the Commonwealth Crimes Act and a breach of the Department of Home Affairs’ internal security instructions

 

Rate:

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Related Posts

Incident: Government orders ‘urgent review’ of health app sharing users’ information with lawyers | ABC News

Incident: Government orders ‘urgent review’ of health app sharing users’ information with lawyers | ABC News

June 26, 2018

Audit: Queensland’s offender IT system used to extort prisoners | iTnews

Audit: Queensland’s offender IT system used to extort prisoners | iTnews

December 19, 2018

Incident: CBA customers’ medical data exposed in potential privacy breach | ABC News (Australia)

Incident: CBA customers’ medical data exposed in potential privacy breach | ABC News (Australia)

December 3, 2018

Incident: Corporate tech giant Accenture leaves secret data exposed to public internet | SMH

Incident: Corporate tech giant Accenture leaves secret data exposed to public internet | SMH

October 11, 2017

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

Exclusive: INC Ransom claims cyber attack on Australian engineering service company
Exclusive: INC Ransom claims cyber attack on Australian engineering service company

Threat actors have claimed a cyber attack on an Australian engineering solutions company and are threatening to publish data they allegedly … [...]

Exclusive: Major cleaning and facility services firm confirms third-party cyber incident
Exclusive: Major cleaning and facility services firm confirms third-party cyber incident

Major private cleaning and facility services firm Menzies Group has confirmed a cyber incident that occurred after a third-party IT provider was … [...]

Exclusive: Australian College of Business Intelligence investigating Qilin ransomware claims
Exclusive: Australian College of Business Intelligence investigating Qilin ransomware claims

A Sydney-based vocational college has found no evidence of compromised student data after being listed on the leak site of a prolific hacking group. • … [...]

Victorian bulk porting scammer gets over two years in prison
Victorian bulk porting scammer gets over two years in prison

A 35-year-old man from Lynbrook, south-east Melbourne, has received a prison sentence of two years and two months, with a 12-month non-parole period, … [...]

NSW cyber cops bust alleged bullion-buying BEC bandits
NSW cyber cops bust alleged bullion-buying BEC bandits

NSW Police have charged three people over an alleged $600,000 business email compromise (BEC) scam operation, after detectives caught a young woman … [...]

Miners’ data targeted as hackers hold software provider to ransom
Miners’ data targeted as hackers hold software provider to ransom

Dozens of Australian mining companies are scrambling to access their key technology systems after a major software supplier to the sector was … [...]

Instructure dealing with Canvas cyberhackers a dangerous tactic, say experts
Instructure dealing with Canvas cyberhackers a dangerous tactic, say experts

The company that runs Canvas has painted a target on its back for future extortion attempts by making a deal with hackers, according to cybersecurity … [...]

Exclusive: Hospitality IT provider allegedly breached by Qilin
Exclusive: Hospitality IT provider allegedly breached by Qilin

Threat actors have claimed a cyber attack on an Australian hospitality and gaming industry supplier, having listed the firm on the dark web. • Fri, 15 … [...]

ACCC welcomes another year of funding for the National Anti-Scam Centre
ACCC welcomes another year of funding for the National Anti-Scam Centre

The Australian consumer watchdog is pleased with the overall funding boost of $67.7 million over four years in the 2026–27 budget. • Thu, 14 May 2026 … [...]

Report: Business email compromise attacks surged dangerously in April
Report: Business email compromise attacks surged dangerously in April

BEC attacks rose 151 per cent month on month in April, with advanced fee and gift card fraud key drivers. • Thu, 14 May 2026 • Security *]:clear-none … [...]

Scope Systems confirms cyber incident, says no data loss occurred
Scope Systems confirms cyber incident, says no data loss occurred

Western Australia-based software deployment specialist and reseller Scope Systems has disclosed a cyber incident but said no data loss occurred. • … [...]

Instructure breach: ShinyHunters says ‘matter has been resolved’
Instructure breach: ShinyHunters says ‘matter has been resolved’

The hackers behind the global Canvas LMS breach have said they are no longer “seeking money” from any victim. • Wed, 13 May 2026 • … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading