Home Affairs warns visa and passport details compromised by cyber attack
Cyber criminals have accessed sensitive visa and passport details, drivers’ licences and other personal information held by a Department of Home Affairs contractor.
Cyber criminals have accessed sensitive visa and passport details, drivers’ licences and other personal information held by a data firm contracted by the Department of Home Affairs, which oversees Australia’s cyber security architecture and policy.
Visa-holders using the department’s Free Translating Service have been warned their visa application, grant and subclass numbers, full names, dates of birth, mobile numbers, email addresses, drivers licences and passports are compromised.
A departmental Cyber Security Incident alert obtained by The Australian reveals FTS clients were instructed to not “attempt to search on the dark web for your personal information … doing so will encourage the criminal activity that has led to this incident and may further the potential harm to individuals”.
Amid a wave of cyber security incidents in recent weeks targeting businesses including critical infrastructure, FTS users were told ZircoDATA told Home Affairs officials in July its impacted dataset “included a number of documents from the department obtained as part of the FTS”.
The Australian can reveal ZircoDATA, the parent company of The Migration Translators which delivers the FTS for the Department of Home Affairs, was targeted by a significant cyber attack on January 18.
The breach resulted in the unauthorised extraction and publication of data held by the company on the dark web, including personal information of FTS clients who had accessed the service between 2017 and 2022. While initial assessment by ZircoDATA indicated FTS clients were not impacted, further forensic analysis revealed they had been.
In May, reports emerged that ZircoDATA had been targeted by Russian hackers from a ransomware gang known as Black Basta, who auctioned the details of tens of thousands of Australians on the dark web. About 60,000 past and present students at Melbourne Polytechnic were impacted by the breach, and thousands of sensitive documents from Monash Medical Centre were compromised.
Impacted FTS clients have been instructed to “reduce the risk of harm associated with access to your personal information”, including being alert to an increase in scam activity via email and telephone phishing attempts, and “in particular any such scam activity purporting to come from ZircoDATA or the department”.
“Both the department and ZircoDATA regret that this incident has occurred and has resulted in some of your personal information having been illegally accessed. We would like to apologise for any concern or inconvenience this may cause you,” the notice to FTS clients said.
The notice, which confirmed Department of Home Affairs systems “have not been impacted by the incident”, said “once aware of the incident, we understand that ZircoDATA worked urgently to contain the threat and investigate what occurred”.
“ZircoDATA has informed the department that it reported the incident to and continues to work closely with the Australian Cyber Security Centre and the Office of the Australian Information Commissioner as well as relevant government agencies and law enforcement authorities.”
A Department of Home Affairs spokeswoman on Thursday said they were working with ZircoDATA to “notify impacted clients of the cyber incident and steps they can take to protect their information. The department has been diligent and thorough in its efforts to fully understand the number of individual FTS clients impacted by the breach. The department has prioritised accuracy to ensure all relevant details are communicated clearly to those impacted and to put in place the necessary remedial support services, in agreement with ZircoDATA”.
“The department has imposed additional contractual conditions on ZircoDATA to ensure the security of current FTS client data, including system penetration testing, regular security reviews and reporting,” she said.
Following the Optus cyber attack in 2022, former home affairs and cyber security minister Clare O’Neil scolded the company for exposure to a “basic” hack by cyber criminals.
“We should not have a telecommunications provider in this country which has effectively left the window open for data of this nature to be stolen,” Ms O’Neil said. “Responsibility for the security breach rests with Optus.”
The department has told FTS clients who have been impacted by the cyber attack that they can request from ZircoDATA a 12-month credit monitoring service via Equifax Credit Protect and access expert case management support from IDCARE.
‘We have leadership role on climate change’
Anthony Albanese says Australia is playing a ‘leadership role’ in preparing the Pacific for climate change as he arrived in Samoa for a meeting of Commonwealth leaders.
Middle East ceasefire would help my CPI war: Chalmers
Jim Chalmers will make an economic case for a ceasefire in the Middle East and open a new front in Labor’s push to end conflict in the region, warning an escalation in fighting ‘risks persistent inflation for the global middle class’.