Chinese national pleads guilty to AMP data breach
Chinese national and former contractor of AMP pleads guilty to downloading dozens of customers’ identity information.
A Chinese national and former contractor of wealth giant AMP has pleaded guilty to downloading dozens of customers’ identity information.
Yi Zheng downloaded 23 documents, including passports and driver’s licences of 20 different customers at AMP, and sent them to his personal email account after being at the company for only six months.
He then attempted to install a “darkweb” internet browser on his AMP laptop in December using an external USB storage device, court documents state. This caused security software program Dtex to automatically alert AMP cyber security staff who informed police of the data breach.
The Chinese national, from Burwood in Sydney’s inner west, was arrested by NSW Border Force officers as he tried to board a flight to China with his wife and six-month-old baby around midday on January 17.
Officers seized mobile phones, SIM cards, a laptop, and electronic storage devices from Zheng and his luggage.
The 28-year-old appeared at Downing Centre Local Court on Thursday where his lawyer William Chan entered a plea of guilty. Zheng is due to be sentenced in March.
An AMP spokesman told The Australian the breach only affected 20 customers, all of whom were contacted in December.
Zheng’s misconduct was monitored and recorded by Dtex, a security software program used to detect credential misuse, stop data exfiltration and eliminate insider threats. His laptop history was also monitored and recorded by AMP Building Access Logs.
AMP said all relevant regulators and affected customers were contacted and additional cybersecurity systems were in place.
“The data breach involved a very small amount of customer information and we have no evidence this data has been further compromised,” the financial services company said in a statement.
“We are continuing to monitor this closely.”
Zheng commenced employment as a ‘Support officer, File Retrieval and Build’ at AMP’s Sydney branch in May last year, which allowed him to access digital documents for up to four different AMP customers a day. However, none of the 20 customers whose data was taken were allocated to Zheng for file retrieval, court documents state.
NSW Police Cybercrime Squad Commander, Detective Superintendent Matt Craft, praised the “proactivity” of AMP staff in identifying the issue and said the investigation highlights the importance of businesses having strong cyber security measures in place.
“In this case, the company’s systems detected a potential issue, and their expert technical staff immediately took steps to identify what occurred and prevent further breaches,” Detective Craft said.
“Identity information is an extremely valuable commodity on the black market and dark web, and anyone — whether an individual or business — who stores this data needs to ensure it is protected.”
“Their proactivity — including the early engagement with the Cybercrime Squad — and ongoing assistance throughout our investigation were key to a successful resolution.”
Investigations under Strike Force Paunelle will continue.
— With AAP