Cyber survey opened risk
A Home Affairs cyber survey has itself become a security risk.
The Home Affairs inadvertently exposed the personal information of more than 50 small business survey participants during research into cybersecurity.
Reports reveal that names, business names, phone numbers, and emails of the survey participants were carelessly published on the parliament website in response to a question from May's Budget estimates hearing.
The leak occurred as part of the cyber wardens pilot program's development, which aimed to bolster cybersecurity in the aftermath of the devastating Optus and Medibank cyber attacks.
The Understanding Small Business and Cyber Security report, based on the responses of over 2,000 business owners and employees, unearthed alarming statistics.
Forty-four per cent of the respondents reported having experienced a cyber attack, with a worrying 29 per cent stating that these attacks affected their personal information.
Shadow cyber security and home affairs minister, James Paterson, has pointed out the irony of the situation.
“It's deeply ironic this breach of personally identifiable information occurred in an answer to a question about improving cybersecurity for small businesses and from a department whose minister publicly attacked Optus when they had similar data stolen by a criminal gang,” he stated.
The home affairs department has acknowledged the “potentially unintentional data release” and took steps to remove the information from the internet.
The cyber wardens program, funded with $23.4 million in the May budget, aims to educate small businesses and their workforce about cybersecurity and possible cyber threats.
The initiative, spearheaded by the Council of Small Business Organisations of Australia and delivered by 89 Degrees East, offers a free online education course to train 50,000 “cyber wardens” over three years.
In June, the prime minister, Anthony Albanese, faced questioning from the opposition about the $23 million grants awarded without tender to COSBOA, which partnered with 89 Degrees East.
Concerns were raised regarding a potential conflict of interest, as 89 Degrees East listed the wife of health minister Mark Butler as a senior consultant. Butler had been part of the expenditure review committee that approved the funding.
Mark Butler assured the parliament that all appropriate declarations were made as per the ministerial code and stated that arrangements were in place to manage any potential conflicts of interest.
Despite Daniela Ritorto, Butler's wife, resuming work with the firm in February and quitting in May, a standing agreement with the firm reportedly prohibited her from undertaking any government work due to her links to the Labor party.