Every year we see the story that obstetricians/piano teachers/landscape gardeners will be the focus of this year’s ATO blitz.

I always wonder how and why they dream this stuff up. Perhaps the idea is to instil the fear of God into all of us, lest we try to offset the cost of some colouring pencils we grabbed for the kids at Officeworks as a work-related expense.

In light of the events of the past few days, maybe the ATO should pull back on hassling us innocent and long-suffering taxpayers and spend more time getting its own shoddy house in order.

How appalling to marvel at the shoulder-shrugging glibness of the ATO and the relevant minister, Tony Burke, at this week’s revelations that an unknown number of Australians have had their personal taxation details hacked due to security flaws with the myGov website.

Not just hacked – they’ve had tax refunds lodged on their behalf with the money handed over to cyber criminals who altered their personal details through myGov.

It is damning to contrast the exposure of this government failure with comparable failures in the private sector.

Cast your mind back to September 2022 when Optus announced a cyber attack which exposed the data of almost 10 million Australians, 2.8 million of whom suffered serious loss of personal data – addresses, financial details and so forth.

The response from the federal government was thundering, and the pressure it placed on Optus CEO Kelly Bayer Rosmarin was so intense that she quit her job, saying it was “in the best interests of Optus” for her to leave the role.

The hounding of Ms Bayer Rosmarin was led at the time by Albanese government minister Clare O’Neil, who cut the CEO no slack in prosecuting the case that this was gold-plated corporate incompetence.

”We should not have a telecommunications provider in this country which has effectively left the window open for data of this nature to be stolen,” Ms O’Neil said.

“Responsibility for the security breach rests with Optus and I want to note that the breach is of a nature that we should not expect to see in a large telecommunications provider in this country.”

“We expect Optus to continue to do everything they can to support their customers and former customers. One way they can do this is providing free credit monitoring to impacted customers.

“This will help protect those customers against identity theft and I call on Optus to make that commitment today.”

Everything O’Neil said about Optus is true of the ATO. But in a classic case of do as we say, not as we do, the test set with Optus is not even close to being followed by the government in relation to a department for which it has full responsibility.

The response from Tony Burke to the ATO revelations was beyond pathetic, with the curiously named Minister for Cyber Security offering a few pat lines through a spokesman about the state of play with the ATO hack.

He had the audacity to pin all this not on the ATO itself, or the government, but us poor saps who use the myGov website, as if it’s somehow our fault because we are doing it wrong.

Confronted with growing evidence of the hacking and the filing of bogus tax returns, Mr Burke simply issued a statement reminding Australians to take extra care online.

“We’re working every day across government to strengthen our cyber defences, but there are simple, effective steps that every Australian can take to keep themselves and their families safe online,” it read.

“Most cyber incidents are preventable, and basic defensive measures make a huge difference. Software updates, strong pass phrases and multi-factor authentication are essential defences for all Australians.”

The stupidity of this statement was exposed by the fact that the people who’ve been hacked have been using two-factor authentication – that is, a computer password followed up by a coded number texted to their mobile – and are still being ripped off anyway.

The insulting nature of the response was born out by the responses from victims, saying they had not only used two factor authentication, but that when they contacted the ATO had been given the cold shoulder.

“I have every one of their security measures in place but still someone hacked my account and changed my bank details,” one of the victims said this week.

“They just say they’ll work it out in time and in the meantime I’m $5000 out of pocket with no idea if or when they are going to allow me to put in my tax return. It would seem they have a monumental flaw in their system but don’t want to take responsibility.”

One other victim told The Australian that hackers had been able to access his myGov account while he slept, despite triggering the 2FA – two-factor authentication.

“The (2FA) had been sent as an SMS to me and still the hacker got in without having access to that code,” he said.

“That morning they accessed my account three times; the first time the hacker was in there for 15 minutes. I rang the appropriate government department about it and they weren’t really interested.”

I know the second term of the Albanese government is only three weeks old, but this seems a grim portent of the miserable standard of government you get when you’re up against an opposition that has vanished up its own wazoo holding public symposiums about what it is and what it stands for.

And while she got zero sympathy at the time, you can’t but wonder belatedly what poor old Kelly Bayer Rosmarin makes of it all.

More Coverage

Dummy-spits and kneejerk panic: What’s behind the Coalition split

David Penberthy

Penbo: Junk food fascists declare new war on Australia’s poor

David Penberthy

Originally published as The stupidity of Tony Burke’s response to the ATO tax hack scandal is obvious | David Penberthy