Original article by Stephanie Borys
abc.net au – Page: Online : 3-Oct-19
Australian National University vice chancellor Brian Schmidt says a cyber attack on its computer network in November 2018 was an ‘extremely sophisticated operation’. It was also very simply executed, with ANU’s systems being compromised after a staffer merely previewed an email with an attachment, which allowed the hackers to create a copy of the university’s network map. The hackers were then able to access ANU’s enterprise systems domain, which enabled them to steal the personal data of ANU students from the last 19 years. The motives of the hackers remain unknown, but the stolen data could potentially include that of former students who are now in positions of power in both Australia and abroad.
AUSTRALIAN NATIONAL UNIVERSITY
Original article by Joyce Moullakis
The Australian – Page: 19 : 26-Aug-19
The security of the New Payments Platform is under scrutiny in the wake of revelations that the system has been subject to a second data breach. Cuscal has indicated that only about three per cent of bank and credit union customers who have registered for a PayID have been affected by the breach, which equates to less than 92,000 customers. Westpac customers who use the real-time NPP system were affected by a data breach in June.
CUSCAL, WESTPAC BANKING CORPORATION – ASX WBC, COMMONWEALTH BANK OF AUSTRALIA – ASX CBA, NATIONAL AUSTRALIA BANK LIMITED – ASX NAB, AUSTRALIA AND NEW ZEALAND BANKING GROUP LIMITED – ASX ANZ
Original article by Glenda Korporaal
The Australian – Page: 1 & 2 : 21-Aug-19
Foreign Investment Review Board chairman David Irvine has stressed the need to closely scrutinise foreign bids for companies that own data centres or hold Australians’ personal data. Irvine has used an Australia China Business Council speech to argue that data must be afforded the same level of protection as critical infrastructure such as ports, water supply and the power sector. He added that the FIRB’s tougher stance on the issue of data security has not attracted much concern among foreign investors.
AUSTRALIA. FOREIGN INVESTMENT REVIEW BOARD, AUSTRALIA CHINA BUSINESS COUNCIL, AUSTRALIAN SECURITY INTELLIGENCE ORGANISATION, AUSTRALIAN SECRET INTELLIGENCE SERVICE, AUSTRALIA. CRITICAL INFRASTRUCTURE SECTOR, SIRTEX MEDICAL LIMITED, NATURE’S CARE, LIFE-SPACE GROUP, HEALIUS LIMITED – ASX HLS, JANGHO GROUP, AUSTRALIAN DEFENCE FORCE, KPMG AUSTRALIA PTY LTD, UNIVERSITY OF SYDNEY, AUSTRALIAN STRATEGIC POLICY INSTITUTE LIMITED
Original article by Mark Schliebs
The Australian – Page: 4 : 1-Aug-19
The federal government’s Telecommunication Interception and Access Act is under growing scrutiny amid revelations that a wide range of agencies are bypassing it to access Australians’ metadata. The data retention laws authorise 21 government agencies to access metadata without a warrant, but many other agencies are doing so via the Telecommunications Act. The Department of Home Affairs has indicated that this loophole was intentional, and that non-authorised agencies can access metadata on grounds other than law enforcement and national security.
AUSTRALIA. DEPT OF HOME AFFAIRS, COMMUNICATIONS ALLIANCE LIMITED, AUSTRALIAN LABOR PARTY, TELSTRA CORPORATION LIMITED – ASX TLS, AUSTRALIA. PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND SECURITY
Original article by Mark Schliebs
The Australian – Page: 1 & 4 : 31-Jul-19
The Telecommunication Interception and Access Act identifies just 22 agencies that are entitled to access Australians’ metadata. However, a parliamentary committee that is reviewing the data retention laws has been told that at least 87 agencies have applied to access metadata without a warrant since the legislation took effect in 2015. Telstra has told the committee that many agencies are bypassing the data retention regime by seeking access to metadata via the Telecommunications Act. This is often to investigate minor legal breaches rather than serious criminal activity or issues concerning national security.
AUSTRALIA. PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND SECURITY, TELSTRA CORPORATION LIMITED – ASX TLS, COMMUNICATIONS ALLIANCE LIMITED, SINGTEL OPTUS PTY LTD, TPG TELECOM LIMITED – ASX TPM, AUSTRALIAN FEDERAL POLICE, AUSTRALIA. DEPT OF HOME AFFAIRS, AUSTRALIAN COMPETITION AND CONSUMER COMMISSION, AUSTRALIAN COMMISSION FOR LAW ENFORCEMENT INTEGRITY, AUSTRALIAN CRIMINAL INTELLIGENCE COMMISSION, AUSTRALIAN SECURITIES AND INVESTMENTS COMMISSION
Original article by Phillip Coorey
The Australian Financial Review – Page: 7 : 4-Jul-19
The federal government’s open banking regime is slated to begin on 1 February 2020, although this will require the Consumer Data Right bill to be passed by the end of July. Shadow financial services minister Stephen Jones says Labor has some concerns about how customers’ data is used and retained under the new regime, which will need to be addressed if Labor is to support the legislation. Jones has questioned whether there will be sufficient time to pass the bill before parliament rises for the winter break.
AUSTRALIAN LABOR PARTY, AUSTRALIA. DEPT OF FINANCE, AUSTRALIAN SECURITIES AND INVESTMENTS COMMISSION, MACQUARIE GROUP LIMITED – ASX MQG
Original article by James Eyers
The Australian Financial Review – Page: 17 : 25-Feb-19
Australian Prudential Regulation Authority chairman Wayne Byres says the nation’s banks are working hard to meet the schedule for implementing the open banking regime. The first phase of open banking, part of the federal government’s consumer data right program, takes effect on 1 July. Byres told a Senate committee hearing on 21 February that the banks are concerned about greater information security risks as a result of open banking being introduced, as well as the use of derived data, which he says they regard as their intellectual property.
AUSTRALIAN PRUDENTIAL REGULATION AUTHORITY, AUSTRALIAN LABOR PARTY, AUSTRALIAN BANKING ASSOCIATION
Original article by Supratim Adhikari
The Australian – Page: 23 : 5-Feb-19
Head and neck surgeon Elizabeth Sigston does not believe that there should be any sharing of people’s medical records. Sigston says the $2 billion My Health Record system remains riddled with complexity, and she is very concerned about the proposed Data Sharing and Release Act, warning that it has the potential to override the Privacy Act. She says the risks associated with sharing data is most acute when it comes to genomic data, which the MHR is able to store. John Sutton of Armstrong Legal says there is no need for MHR data to be shared with third parties.
ARMSTRONG LEGAL, AUSTRALIA. DEPT OF HEALTH
Original article by Bo Seo
The Australian Financial Review – Page: 5 : 31-Jan-19
Australians must choose whether to opt out of the federal government’s controversial My Health Record system by 31 January. Data security and privacy concerns have prompted a number of people in the technology sector to opt out of the system, including Freelancer CEO and founder Matt Barrie, who says the government has done an "abysmal job" of protecting Australians’ privacy. Cyber security expert Vijay Varadharajan has also chosen to opt out, although Cyber Security Research Centre CEO Rachael Falk has opted in.
FREELANCER LIMITED – ASX FLN, CYBER SECURITY RESEARCH CENTRE, AIRTREE VENTURES PTY LTD, MICROSOFT CORPORATION, UNIVERSITY OF NEW SOUTH WALES, UNIVERSITY OF NEWCASTLE
Original article by James Eyers
The Australian Financial Review – Page: 19 : 24-Jan-19
The Australian Banking Association has expressed concern that theft of personal data and email scams will become rife under the federal government’s open banking regime. Open banking is slated to begin on 1 February 2020, with a pilot program to commence in July 2019. The ABA’s submission to the Treasury’s draft report on open banking has called for the terms of reference for the pilot program to include an assessment of the potential privacy risks.
AUSTRALIAN BANKING ASSOCIATION, AUSTRALIA. DEPT OF THE TREASURY, AUSTRALIAN COMPETITION AND CONSUMER COMMISSION