Former Social Services Minister Christian Porter
The Department of Social Services initially decided not to inform employees of a major privacy breach last year that exposed the personal data of 8,500 current and former staffers, reasoning that it would cause unnecessary concern.
Last year DSS notified current and former employees that personal information held on the department’s credit card management system had been compromised due to a misconfigured sever operated by a contractor. The exposed information, dating from 2004 to 2015, included credit card details, employee names, work emails, system passwords, Australian government service numbers and other employment details.
But after obtaining departmental emails under freedom of information laws, Crikey can reveal that the DSS at first determined to conceal the security lapse from its employees, before changing its mind.
Crikey is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while we review, but we’re working as fast as we can to keep the conversation rolling.
The Crikey comment section is members-only content. Please subscribe to leave a comment.
The Crikey comment section is members-only content. Please login to leave a comment.