Local authorities have launched an investigation into a significant data breach. This breach has since seen a large number of high-profile phone numbers, like Prime Minister Anthony Albanese’s and Opposition leader Sussan Ley’s, made publicly available. Cybersecurity experts joined government officials in expressing shock that the breach had occurred. It should raise alarming doubts about just how safe our personal data is in an ever-more electronic society.
The ASD is continuing its cyber security investigation into the incident. According to the reports, a third-party publicly available data aggregator had employed artificial intelligence to scrape data from various online repositories including social media apps. This scraping tactic enabled the site to collect personal information of the users without their permission and then to post it all publicly.
Acting Prime Minister Richard Marles condemned the leak as dangerous. He continued, “We’ve alerted local authorities, and that is being processed through. There’s always concern.” He called the breach “unacceptable” and promised that, while the government had been notified, they would work to rectify the breach and set things right.
On Tuesday, the ASD published its annual report. It pointed to a scary 11 percent jump in cyber incidents since last year. Alarmingly, usernames and passwords are still the most common doorways for cyber criminals to break in. These credentials can open doors for them to enter these massive entities. Criminals typically either steal or purchase these credentials from the dark web. This reality calls into serious question the true effectiveness of traditional password security.
Abigail Bradshaw, ASD director-general, pointed to a new trend in the way that cyber criminals and state actors were penetrating systems. She remarked, “Networks are increasingly not being hacked, but are being breached through compromised or stolen credentials to gain unauthorized access.” This constantly changing world of cyber threats highlights the importance for both consumers and businesses to take even stronger precautions.
The ASD is calling on Australians to move away from text-based passwords. In place of passwords, they suggest leveraging multi-factor authentication to better protect your accounts from unauthorized access. The announcement was made in light of increasing concern over the state of the protection of personal data.
Additionally, the Opposition leader’s office has taken proactive steps by requesting that LinkedIn remove the publicly accessible information from Sussan Ley’s profile. A spokesperson for LinkedIn responded to inquiries regarding data scraping, stating, “In addition to the technology and teams we’ve long had in place to stop unauthorized data scraping, we continue to invest in new defenses and take legal action when necessary, to detect and prevent our members’ information being used without their consent.”
The investigations are ongoing. Government officials and cybersecurity professionals are pushing for us to protect personal data, as our digital footprints are more susceptible to exploitation than ever before.
