Data loss creates drama at Australian Federal Police

Agent didn't follow procedure, resulting in privacy breach

It's hard to believe Australia's peak internet crime fighting agency, the Australian High Tech Crime Centre (AHTCC), doesn't encrypt all files.

But according to media reports, banking details of thousands of Australians were exposed last year when an Australian Federal Police (AFP) agent lost information on a memory stick.

The device, with details of 3500 customers from 18 banks, was lost between Sydney and London and the AHTCC, whose members are drawn from the AFP, elected not to advise customers of the data breach.

Security consultant Nick Ellsmore says the use of USB drives isn't the main issue, but the real problem is lack of password protection and encryption.

"Using these devices is fine as long as data is encrypted, it is no different to encrypting email," Ellsmore says, adding that the biggest problem with USB drives is information theft by employees.

The media report said the officer had broken several rules about transporting classified information.

"It is a classic example of how you can have all the standards and technology in the world; but it is of little use if policies are not followed by users," Ellsmore says.

Asked about procedures and the use of encryption, an AHTCC spokesperson said the agency was unable to comment immediately.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Australia

More about Australian Federal PoliceFederal Police

Show Comments