Friday, 24 November 2017
Can anyone believe anything Australian Human Services Minister Alan Tudge and his motley crew say?
The New Daily, 21 November 2017:
The Department of Human Services flagged the illegal sale of Medicare details on the dark web almost a fortnight before the illicit trade was exposed in a bombshell media report, The New Daily can exclusively reveal.
Internal emails, obtained under freedom of information laws, reveal that department officials discussed the security issue as early as June 22 – nearly two weeks before revelations that Medicare numbers were being sold online.
On July 4, The Guardian revealed that a dark web vendor was advertising the sale of any Australian’s Medicare number for the bitcoin equivalent of just $22 after exploiting a government system vulnerability.
In the wake of the revelations, Human Services Minister Alan Tudge said that he and his department had only learned of the illicit trade when contacted by a Guardian journalist on July 3.
However, high-priority correspondence within DHS shows that senior officials discussed the trade on the dark net, which is only accessible through a customised browser, nearly two weeks before it made the news.
On June 22, Rhonda Morris, national manager for serious non-compliance, raised the issue with Kate Buggy, national manager for internal fraud control and investigations, and Mark Withnell, general manager of business integrity, as well as several unnamed officials.
In a later email on July 3, Mr Withnell apparently connected The Guardian’s inquiries to the department’s earlier discussions on the issue, writing to colleagues: “This is the one I was mentioning last week.”
It is unclear exactly what DHS knew about the sale of Medicare details on the dark web prior to July’s media report.
Citing exemptions related to law enforcement and criminal investigations, the department redacted most of the content of the emails released to The New Daily.
It refused to release numerous other related emails entirely.
A DHS spokesman denied the department had knowledge of a specific breach in June and said its internal discussions had only related to general matters……
In September, DHS told the Senate that as many as 165 people may have had their Medicare numbers sold to unknown parties, although there had been no unauthorised access of any Australian’s health records.
Last month, a seperate review commissioned by the department recommended beefing up the authentication procedures required to access the online database used by healthcare professionals.
Although the AFP is continuing to investigate the source of the breach, the government has said it was likely the result of “traditional criminal activity” rather than a cyber attack.
In February, DHS was embroiled in controversy after it released the personal information of a Centrelink recipient to a journalist in order to diffuse claims she made in the media.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment