Government data hacks – and what they can teach us | Jul19 Newsletter
The government holds a range of data under its control, and this is both necessary and concerning to some.
According to the Office of the Australian Information Commissioner (OAIC), “Much of the information that government holds is personal information about individuals or businesses.”
This information helps provide online services, develop policy, deliver benefits and regulate businesses.
However, many people are concerned about sharing their personal information: in a recent OECD report, 37 per cent of people said they believe information security is a major challenge. This is understandable – after all, personal data is highly valuable in today’s world, making it an attractive target for criminals and hackers.
Government data breaches – and what we can learn from them
There are many examples of data breaches within governments around the world:
- In late 2018, the details of around 30,000 Victorian public servants were stolen. The ABC reported that this included all details entered in the employee directory, including work emails, job titles, work phone numbers and mobile phone numbers. While this doesn’t seem too serious, this information could be used to assist with more serious crimes. The breach was detected and dealt with quickly, which experts say is rare. This has highlighted the number of times data is stolen – more than 4,000 records every second globally – to show governments and businesses alike how vital a strong cybersecurity policy is.
- When the UK government sent a series of emails to around 500 migrants (known as the Windrush Generation), all email addresses were exposed. Spokespeople referred to this as an “administration error” – and that is something we can all relate to. Technology experts have since said this is a lesson in utilising awareness technology to help avoid human error.
- While not a government incident, the 2018 Facebook data breach quickly became world famous as the details of 30 million users were compromised. This data included personal information, search history and locations. Some say this incident was a big lesson for businesses: a reminder that online information is never airtight or fully controllable. This means that a multidimensional approach to security is the key to ensuring you are secure, adaptable to technological changes, and able to detect any compromises.
- Remember when the United States government shut down? This left more than 800,000 workers out of pocket, and it also affected cybersecurity. In the time the government wasn’t operating, the SSL certificates (encryption technologies) of at least 200 federal websites expired, and online security updates left undone. This opened up the websites’ vulnerability to hackers. Some experts say this is the perfect reminder to look at your personal online security, including password security and using a range of passwords across each of your accounts.
While holding and utilising data is part of the modern world of governments and businesses, it is vital that consistent reviews and improvements are made in order to avoid further serious breaches.