ICT provider of ADF ‘internal social media’ used by soldiers and family in ransomware attack
A social media platform for soldiers and their families set up by an external ICT provider has been caught up in a ransomware attack, potentially exposing user details.
A social media platform for soldiers and their families set up by an external ICT provider has been caught up in a ransomware attack potentially exposing the details of some of its then 40,000 users.
The company behind ForceNet, a platform the ADF descries as “e-communications platform used to connect registered users within secure online communities”, was hit by a breach that may have exposed the private details of users, including dates of birth and dates of enlisting.
A Defence spokeswoman said the ADF had recently been informed by the external provider of the breach.
“Defence has recently been informed a 2018 ForceNet dataset (the dataset), containing personal information of current and former Australian Defence Force Members and Australian Public Servants, may have been part of a ransomware attack on an external ICT service provider (the provider),” she said. “This is not an attack on Defence ICT or the ForceNet application.”
ForceNet is understood to have been developed as a social media platform for defence personnel and their families in 2018.
The platform allowed defence personnel to invite up to three family members onto the website, which later became accessible by mobile app, to connect “with the Service related to their sponsoring Defence member plus the Defence Member & Family Support (DMFS) and Defence Families of Australia”.
“ForceNet provides a secure means for Defence families to access authoritative information on defence matters relevant to them as well as a channel for discussions,” the website reads.
The ADF was still examining the content of the dataset that had been breached and the full amount of information that may have been breached is not yet known, the Defence spokeswoman said.
“Initial discussions with the service provider indicate there is no evidence that the data of current and former APS staff and ADF personnel has been compromised,” she said.
“Defence is taking this matter very seriously and is working with the provider to determine the extent of the attack.”
Defence Personnel Minister Matt Keogh, who described ForceNet as an “internal social media platform”, said on Monday that ADF personnel were being connected to an external provider for assistance in protecting their personal identification documents.
“We haven’t seen any evidence of that information being made available to anyone as a result of that attack, but we just want to make sure that all defence staff and personnel remain vigilant, and we’re working with that external contractor now to make sure we get the best picture of what has occurred so that they’ve got the best support to ensure the security of their data as well,” he said.
Earlier on Monday, Assistant Defence Minister Matt Thistlethwaite confirmed to ABC North Queensland that all ADF personnel had been told to remain vigilant until the full extent of the breach is known.
“Defence have notified all ADF personnel this morning that a Defence ICT provider, so I want to stress that this isn’t an attack or a breach on Defence ICT systems and entities, it’s on one of the external providers that Defence contracts to run one of their websites,” he said.
Need to chat? Call or text Lifeline on 13 11 14 or 0477131114; All-hours Support Line on 1800 628 036; Defence Member and Family Helpline on 1800 624 608
More Coverage
Flirt or fleece? How romance scams cost Aussies $201m
When love comes looking for you online, there might be something bigger at play.
Apple set to release ‘newest member of the family’
Apple chief executive Tim Cook will unveil a new product next week, sending the tech giant’s stock as much as 2 per cent higher.