Defence database breached
Concerns have been raised that private details of Defence Force members were compromised in a major database hack.
Reports say a sensitive military database containing the personal details of tens of thousands of Australian Defence Force (ADF) members had to be shut down in February over fears it had been hacked.
Defence Force Recruiting's outsourced electronic records system was taken down and quarantined from other military networks while IT specialists worked to contain the alleged security breach.
The ‘Powerforce’ database has stored sensitive information about ADF recruits since 2003, under a contract awarded to the ManpowerGroup company.
The database includes details of medical exams, psychological records and summaries of initial interviews with potential recruits.
The Defence Department’s own investigations allegedly found no evidence of data being stolen.
“The security of information systems and personnel data is of paramount importance to Defence,” a spokesperson said in a statement.
“Due to a potential security concern, some elements of the Defence Force Recruiting Network (DFRN) were proactively taken offline on February 2, 2020. Normal operation resumed on February 12, 2020.
“An investigation did not identify any evidence to suggest a compromise of information had occurred.”
Liberal MP Andrew Hastie is among thousands of serving ADF members and veterans whose personal details are on the Powerforce database.
The former SAS captain and chairman of Parliament's Intelligence Committee said the potential breach is a “very concerning development”.
“Our government and defence networks should be fortresses — no breach can be considered small,” Mr Hastie said.
“For Defence to take this offline for 10 days suggests a fairly sophisticated actor.”
Labor backbencher and former commando Luke Gosling has demanded more answers.
“A whole range of information that we wouldn't want to go into the wrong hands — the Federal Government needs to let us know what's happened,’ he said.
“There needs to be a thorough investigation into this.”
ManpowerGroup Australia has acknowledged “a potential issue identified with the Defence Force Recruiting Network (DFRN), requiring Defence to proactively take elements of this network offline”.
“All elements of the DFRN have since been restored to full operations,” a spokesperson told the ABC.
Minister for Defence Personnel Darren Chester last year announced ManpowerGroup had been awarded two-year extension to its recruiting services contract.