Anonymous Attacks Australia
Posted on 2nd Aug 2012 @ 11:12 AM
Australian internet service provider AAPT is dealing with the aftermath of having their servers hacked. Law enforcement and digital security agents are working their hardest to repair the damage done, and to prevent it from happening again. In the hack, the personal employee files of several of AAPT employees were leaked to the public.
The Australian Federal Police and the Australian Crime Commission are both clients of AAPT, and both have released statements saying that they have launched investigations into the hacking case and have assured people that the hacking has not disrupted their operations.
The hack attack and leaking took place last Saturday night. Included in the leaked documents were some highly detailed customer records taken from a compromised AAPT customer relationship database. The database had been left on a server operated by hosting firm Melbourne IT.
An Australian Federal Police spokeswoman released a comment, saying “The AFP commenced an evaluation of the alleged data breach prior to the public dissemination of the data.”
Additionally, the Australian Federal Police said that they are “actively monitoring” the websites where the documents were leaked to see if they can find and trace of the responsible hackers.
“The Australian Crime Commission is aware of media reports in relation to this issue and is in contact with AAPT to establish if any Australian Crime Commission information has been compromised,” a spokeswoman said.
The Australian Privacy Commissioner also released a statement saying that they intend to perform an investigation of their own into the AAPT.
“The Office of the Australian Information Commissioner will decide whether to launch an investigation after AAPT provides the office with an initial report this week,” a spokeswoman said.
The Department of Defense was also among the AAPT clients whose records were compromised but it declined to comment.
Other high profile AAPT clients caught in the leak include the Australian Securities and Investments Commission, the Reserve Bank of Australia, ABC Ultimo, the NSW Attorney General’s Department, the Labor Council of NSW and Queensland’s Department of Premier and Cabinet.
Computer security expert consultant Phil Kernick said the information that the hackers have leaked so far had left AAPT in “deep, deep trouble”.
And there are fears that the hackers may also be preparing to leak more sensitive information such as call records and internet usage by its clients.
The leaked database lists account information against associated with all 263,000 phone numbers that AAPT has issued including first names of account holders, their date of birth, spending, and some of their emails and passwords.
It also includes a full list of AAPT staff including emails and passwords.
The mobile numbers for every contact in AAPT’s database have been listed reduced by only one digit.
“The guys who dumped this truncated a little bit of the information but nowhere near enough,” Mr. Kernick said.
Criminals could easily use the information to carry out fraud on AAPT clients, he said.
“AAPT is in deep, deep trouble here because some of the information you just can’t fix. For example the date of birth for all these account holders can’t be changed,” he said.
The hacker movement Anonymous which has claimed responsibility for the leak said it released the information to protest proposed new national security laws which could see Australian ISPs keep records of their customers’ online habits for up to two years.