Hackers have targeted the ForceNet service, which is run by an external information and communications technology (ICT) provider, with the company initially telling Defence no data of current or former personnel appeared to have been compromised.
Defence confirmed on Monday that a dataset from ForceNet, a communications platform, may have been compromised after an attack on an external ICT service provider.
The dataset was from 2018, and, according to the minister for veterans’ affairs and defence personnel, Matt Keogh, it contained 30,000 to 40,000 records.
Minister for veterans’ affairs and defence personnel Matt Keogh, said defence was confident no personal data had been accessed in the cyber-attack.
According to its website, ForceNet “facilitates auditable communication and information sharing, one to one and one to many, including targeted communications and support in emergency situations and to specific persons”.
It can be used by defence members, sponsored family members and other approved users, and was developed for defence and approved by defence’s chief information officer group.
However, a source with knowledge of the investigation said Defence believed some private details such as dates of birth and dates of enlisting may have been stolen, despite early indications to the contrary from the external provider.
The issue regarding cyber incidents and IT security protocols in disarray in the ADF continues to compound a month later in November 2022, It was uncovered, An Australian serving within a military intelligence organisation of a Five Eyes ally has allegedly had his personal data stolen from within the Australian Defence Force’s secure personnel system and posted online.
Australia’s joint military police unit is investigating an allegation that a serving member of Australia’s special forces unlawfully accessed the data of the intelligence official and posted personal and sensitive data in an online location accessible to the public.
It is also alleged offensive cybertools of a sophistication deployed by states were used to hack the private accounts of the Australian citizen, including remotely accessing a private computer.
In a message to all staff, the defence secretary and defence chief said the matter was being taken "very seriously".