ATO’S PRIVACY BREACH: $557 MILLION FILED IN FALSE CLAIMS
No company is safe – not even the ATO!
Cybercriminals have filed over $550 million in false claims over the past two years, finding a glitch in the ATO’s digital identity system.
Bogus myGov accounts were created by the hackers linking them to real taxpayers’ ATO files, affecting more than 15,000 individuals with more than 37,000 business activity statements and individual tax return lodgements cancelled to a total value of $557.8 million.
The media has reported that the customer identity information used was stolen from previous high-profile data breaches, such as Optus and Medibank.
Some of the false filings were cancelled before they were paid, however it’s not yet clear how much money was actually paid out to the attackers.
The financial fallout could also be substantially higher than initially reported.
The myGov and ATO settings were designed to make systems easy to access for taxpayers, yet hard to access for criminals. But apparently, not hard enough.
Australia is playing massive ‘catch up’ in terms of its privacy policies and is still in the process of redefining them to enforce stricter penalties for companies who don’t take proper precautions.
The Attorney-General’s Department released the Privacy Act Review Report in February this year, as part of the Australian Government’s review of the Privacy Act 1988 (Cth).
The Government’s strong reaction to past and current cyber-attacks and data breaches has been the catalyst to remind us of the reputational and financial risks associated with compromises to the security of personal information. Remember: No company is too small to be targeted.
Now is a crucial time for all Business Owners to think about their existing IT Cybersecurity and Privacy Framework for collecting, storing and processing personal information of clients and employees. By taking the time to review your current processes, you’ll be properly prepared when the privacy reforms are finally announced.
Here’s a simple way to get an instant ‘snapshot’ of the vulnerability of your company’s I.T. Systems. We call it our T4 Group CyberSCORE assessment. It’s a series of questions you answer online, which instantly provides you with a cyber score. This will show how vulnerable you really are.
For a confidential discussion about your company's IT Cybersecurity and Privacy Framework, please call T4 Group on 1300 765 014 or CLICK HERE to complete our CyberSCORE assessment.