NewsBite

Australian Federal Police and other government agencies exposed to hackers in Telstra security breach

HACKERS had “complete access” to the network of a Telstra company storing information for the Australian Federal Police and other agencies.

Jennifer Dudley-NicholsonJennifer Dudley-NicholsonNATIONAL TECHNOLOGY EDITOR
A man passes Telstra's corporate logo outside Telstra's headquarters in Sydney on September 15, 2009, as shock plans to break up the telecommunications giant were announced by the Australian government. Telstra, which is subject to strict government regulation, would be forced to split its network and wholesale arm from its retail unit unless it agrees to do so. AFP PHOTO/Torsten BLACKWOOD
A man passes Telstra's corporate logo outside Telstra's headquarters in Sydney on September 15, 2009, as shock plans to break up the telecommunications giant were announced by the Australian government. Telstra, which is subject to strict government regulation, would be forced to split its network and wholesale arm from its retail unit unless it agrees to do so. AFP PHOTO/Torsten BLACKWOOD
2 min read
4:28PMMay 20, 2015.
Updated 5:47PMMay 20, 2015
News Corp Australia Network

AUSTRALIAN law enforcement and government agency accounts were exposed to hackers in a security breach at a Telstra-owned company earlier this year, it revealed today.

The Australian Federal Police and other government agencies, along with thousands of small and medium-sized businesses, are among those that could be affected by the security lapse at data services provider Pacnet.

Telstra global enterprise services group executive Brendon Riley revealed the security breach this afternoon, saying it occurred while Telstra was buying the company and Telstra was only informed of the security problem when it finalised the $857 million deal on April 16.

Mr Riley said there was “no evidence that data has been taken” but the company is informing customers and the public “because of the nature of the breach”.

Data exposed ... The Australian Federal Police were one of thousands of Pacnet customers whose data was exposed to hackers.
Data exposed ... The Australian Federal Police were one of thousands of Pacnet customers whose data was exposed to hackers.

“We have had no contact from the perpetrators so we don’t know the reason behind it,” Mr Riley said.

“We don’t have any evidence (of Chinese government involvement). We don’t know the source of it and that’s really not our focus.”

The security vulnerability in a web application server gave third parties complete access to Pacnet’s corporate network, including email and administration systems.

The flaw could have allowed hackers to change, delete or download information from Pacnet’s databases and was only closed on April 3.

Telstra chief information security officer Mike Burgess said “it’s clear they had complete access to the corporate network” though there is currently no evidence of information being stolen.

Security failure ... Telstra-owned company Pacnet revealed the data flaw to Telstra on April 16.
Security failure ... Telstra-owned company Pacnet revealed the data flaw to Telstra on April 16.

Mr Riley would not speculate on the type of information that could have been taken or changed and declined to list Australian government agencies or companies affected by the security flaw other than the Federal Police.

This evening the AFP issued a statement confirming it had been contacted by Telstra and had “assessed that no secure or classified material has been compromised” as a result of the breach, though it would “continue to engage with its service providers and partner agencies on this matter”.

Mr Riley admitted it would have been “better” to reveal the issue earlier.

“It wasn’t an environment that was completely familiar to us,” he said. “We wanted to get in and understand the situation and make sure we’d taken all the rectification steps we’ve undertaken. If we could have done it faster I think it would have been better to do it faster.”

Pacnet is not connected to Telstra’s network.

Read related topics:Telstra
Jennifer Dudley-Nicholson
Jennifer Dudley-NicholsonNational technology editor

Jennifer Dudley-Nicholson is the national technology editor for News Corp. She covers everything from folding smartphones, wearable tech and smart fridges to privacy issues, broadband infrastructure, and social media regulation. Highlights from her career of more than 20 years at News Corp and The Courier-Mail include interviewing two members of the Buffy cast, attending one of Steve Jobs' famous presentations, playing Super Mario with the man who created him, and writing about everything from flying cars to space junk lasers.

Jennifer Dudley-Nicholson

Add your comment to this story

To join the conversation, please Don't have an account? Register

Join the conversation, you are commenting as Logout

More related stories

Original URL: https://www.theaustralian.com.au/news/latest-news/australian-federal-police-and-other-government-agencies-exposed-to-hackers-in-telstra-security-breach/news-story/e5b3d302ddcbead7be19f94acbdbaf6c