Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Police identify GST hacker

From: William Knowles <wk () C4I ORG>
Date: Thu, 29 Jun 2000 01:20:56 -0500
http://www.theage.com.au/breaking/0006/29/A41578-2000Jun29.shtml

Source: AAP | Published: Thursday June 29, 5:32 PM

Australian Federal Police have identified a computer hacker who stole
confidential details of thousands of businesses from a government GST
website.

The GST Start-Up Assistance Office shut down its website today after
17,000 businesses were sent e-mails containing bank account and other
details they had provided to the website.

'It has been established that the GST Assist site was improperly
accessed and data extracted by a hacker,' the office confirmed late
today.

Sources later told AAP a complete security review of the site had
found the hole which had allowed the hacker access to the site, and it
had now been fixed.

'The AFP has established the identity of the person they believe is
responsible and are interviewing him,' AAP was told.

An AFP spokesman said they could neither confirm nor deny whether
anyone was being interviewed over the hacking.

'This is an operational matter and we're making no comment,' the
spokesman told AAP.

Earlier today, a man calling himself Kelly rang ABC radio in Sydney
and said he had discovered the lack of security on the website of the
government's GST Start-up Assistance Office

"I just noticed it and I was concerned and I didn't really want it to
be covered up," Kelly said.

"I thought I'd tell everyone."

He said it had been easy to obtain access to private banking details
supplied by companies to the Start-up Assistance Office in order to
become accredited suppliers of GST information and assistance
packages.

Up to 10,000 businesses are believed to have provided their personal
banking details to the website.


*-------------------------------------------------*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen. Alfred. M. Gray, USMC
---------------------------------------------------
C4I Secure Solutions             http://www.c4i.org
*-------------------------------------------------*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: