Australia's Finance Department Admits Second Data Leak in 4 Months That Revealed Confidential Information

By Thea Felicity

Feb 22, 2024 08:50 AM EST

Australia's finance department has admitted to accidentally sharing confidential commercial information for the second time. According to The Guardian, the second data leak coincided with the release of data showing human errors as the primary cause of government data breaches.

(Photo : Photo by TORSTEN BLACKWOOD/AFP via Getty Images)
Australia's national flag flies near the corporate logo (L) above the headquarters of the Commonwealth Bank of Australia (CBA) on August 11, 2010 as the bank announced a 5.15 billion USD net profit in Sydney. The CBA posted a 20 percent increase in full year net profit but issued a cautious outlook due to global economic uncertainty.

Australia's Finance Department Announces Second Accidental Data Leak

In last week's data leak, the finance department inadvertently emailed 236 suppliers, and the email contained "embedded information with some third-party confidential information." A similar data leak happened last November when emails were accidentally sent to 22 service providers. 

Shadow finance minister Jane Hume expressed concerns over the breach, citing potential damage to confidence in the procurement process. The Office of the Australian Information Commissioner's latest statistics paint a concerning picture of the federal government's cybersecurity landscape. 

The data released on Thursday indicates a resurgence of cyberattacks on government agencies, which are back in the top five sectors hit by data breaches for the first time in three years.

The data also reveal a higher prevalence of breaches in government agencies due to human error. It also shows that the government takes longer to respond to breaches and identify those behind the criminal acts.

Data breaches have raised broader concerns regarding the impact on affected stakeholders, including suppliers whose confidential information may have been compromised. 

David Pocock, an independent senator for the ACT, said the repeated "failure of process from the Department of Finance is deeply concerning," and it was "very damaging for smaller firms," who now face a serious competitive disadvantage due to the inadvertent disclosure of their pricing details to 236 suppliers.

 The Australian reported that in the latest breach, supplier and service provider names and price scales for major firms, including Deloitte, KPMG, Minter Ellison, and Boston Consulting Group, were included on a hidden tab on a spreadsheet. 

READ NEXT: Australian Manufacturer Hiro Brands Leaves Staff Jobless After Entering Voluntary Administration

Solutions of Australia's Finance Department 

Led by former commonwealth ombudsman Michael Manthorpe, Australia's finance department will conduct an independent review to address the latest breach and evaluate its underlying causes. 

This review aims to scrutinize the circumstances surrounding the unauthorized disclosure of information and assess the department's existing systems and processes. 

While the department has apologized and attempted to mitigate potential damages, the incident underscores the urgent need for comprehensive data protection and governance framework reforms.

In a statement, the finance department said it tried calling all suppliers to ask them to delete the email and attachments.

"No third-party confidential information would have been accessed or viewed by a person who simply opened the email or its attachments," the department said.

Data from the Office of the Australian Information Commissioner shows that health sector providers had the most breaches in the six months to December last year, totaling 104. The finance sector followed with 49 incidents, insurance with 45, retail with 39, and government with 38.

READ MORE: Wyze Camera Breach Enables 13,000 Users to Peek Into Strangers' Homes

© 2024 VCPOST, All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics