Saturday, May 23, 2015

Australian Federal Police and other government agencies exposed to hackers in Telstra security breach

Security breach ... Telstra today revealed a security flaw in its company Pacnet exposed
Security breach ... Telstra today revealed a security flaw in its company Pacnet exposed information from thousands of business and government agencies, including the Australian Federal Police. Photo: AFP PHOTO/Torsten BLACKWOOD Source: AFP
 
AUSTRALIAN law enforcement and government agency accounts were exposed to hackers in a security breach at a Telstra-owned company earlier this year, it revealed today. 

The Australian Federal Police and other government agencies, along with thousands of small and medium-sized businesses, are among those that could be affected by the security lapse at data services provider Pacnet.

Telstra global enterprise services group executive Brendon Riley revealed the security breach this afternoon, saying it occurred while Telstra was buying the company and Telstra was only informed of the security problem when it finalised the $857 million deal on April 16.

Mr Riley said there was “no evidence that data has been taken” but the company is informing customers and the public “because of the nature of the breach”.

Data exposed ... The Australian Federal Police were one of thousands of Pacnet customers
Data exposed ... The Australian Federal Police were one of thousands of Pacnet customers whose data was exposed to hackers. Source: News Corp Australia
 
“We have had no contact from the perpetrators so we don’t know the reason behind it,” Mr Riley said.

“We don’t have any evidence (of Chinese government involvement). We don’t know the source of it and that’s really not our focus.”

The security vulnerability in a web application server gave third parties complete access to Pacnet’s corporate network, including email and administration systems.

The flaw could have allowed hackers to change, delete or download information from Pacnet’s databases and was only closed on April 3.

Telstra chief information security officer Mike Burgess said “it’s clear they had complete access to the corporate network” though there is currently no evidence of information being stolen.

Security failure ... Telstra-owned company Pacnet revealed the data flaw to Telstra on Ap
Security failure ... Telstra-owned company Pacnet revealed the data flaw to Telstra on April 16. Source: News Corp Australia
 
Mr Riley would not speculate on the type of information that could have been taken or changed and declined to list Australian government agencies or companies affected by the security flaw other than the Federal Police.

This evening the AFP issued a statement confirming it had been contacted by Telstra and had “assessed that no secure or classified material has been compromised” as a result of the breach, though it would “continue to engage with its service providers and partner agencies on this matter”.

Mr Riley admitted it would have been “better” to reveal the issue earlier.

“It wasn’t an environment that was completely familiar to us,” he said. “We wanted to get in and understand the situation and make sure we’d taken all the rectification steps we’ve undertaken. If we could have done it faster I think it would have been better to do it faster.”

Pacnet is not connected to Telstra’s network.

news.com.au 20 May 2015

'Normally' what happens when a site or company is hacked, information gets taken and used for whatever purpose at a later point in time.

According to the Australian Federal Police, when their security has been compromised and they've been 'hacked', apparently "no evidence that data has been taken" is the official word.

What a load of lies.

Data HAS been taken, but since the Australian Federal Police LIE, they can tell the 'serfs' whatever they want, WITHOUT any repercussions.

Another lie brought to you by the AFP.

See article:

Sacked AFP officer: 'We lie to members of the community on a daily basis'

No comments: