Australian Information Security Incident Reported: June 27 2019
Police officer facing computer hacking charges
Subject to an investigation after gaining access to confidential information
Reported in: ARN
The unnamed officer from the Ethical Standards Command has now been stood down from official duty with the force pending an investigation into allegations of unauthorised access to confidential information.
The police officer has been served with a notice to appear alleging one charge pursuant to section 408E, computer hacking and misuse, of the Criminal Code and will be due to appear in the Brisbane Magistrates Court on 25 July.
Australian Information Security Incident Reported: January 11 2019
Fisheries Queensland has blamed a software bug introduced via an update for an incident that left users of its Fishnet Secure portal exposed over the break.
The Courier Mail first reported the incident on Wednesday this week, revealing that “fishermen attempting to log in discovered they could get in to any account on the supposedly protected portal without a password.”
FishNet Secure allows holders of Queensland fishing permits, licences and quotas to manage them online.
Australian Information Security Incident Reported: January 08 2019
Australian real estate network First National has reportedly had information it held on job applicants leaked online.
Allegedly leaked information includes the full names, addresses, phone numbers, dates of birth, and other personal information — as many applicants list their education and previous employment information on resumes — of around 2,000 people.
First National has over 400 offices throughout Australia, New Zealand, and Vanuatu, but it is unclear as to how many places the alleged leaked information relates to, with the screenshots provided indicating the Burleigh Heads and Palm Beach offices in Queensland are allegedly affected.
Australian Information Security Incident Reported: December 19 2018
Queensland’s corruption watchdog the Crime and Corruption Commission (CCC) has told the state’s corrective services agency to replace its offender management system after uncovering occasions where it was used by staff to extort prisoners.
It found the integrated offender management system (IOMS) used to perform case management for Queensland Corrective Services’ (QCS) lacked “appropriate access and use controls, and audit functionality”.
This means custodial correctional officers (CCO) are able to “view personal information about any prisoner”, with audit functionality unable to “systematically or accurately determine whether access to particular information is necessary or appropriate to the staff member role”.