Defence data caught up in ransomware attack

Joseph Brookes
Senior Reporter

Australian Defence personnel and public servants are being told to remain vigilant after a Defence ICT contractor was embroiled in a ransomware attack on Monday. A 2018 dataset containing their personal information “may have” been part of the attack, the department has confirmed.

The personal information was in a dataset from a provider working on the social media-like ForceNet platform that Defence stood up with Deloitte in 2014 using Sitecore.

Minister for Veterans Affairs & Defence Personnel, Matt Keogh

In response to earlier reports of the breach, a Defence spokesperson confirmed the department has recently been informed about the ForceNet dataset.

“Defence has recently been informed a 2018 ForceNet dataset… containing personal information of current and former Australian Defence Force Members and Australian Public Servants, may have been part of a ransomware attack on an external ICT service provider,” the spokesperson told

“This is not an attack on Defence ICT or the ForceNet application.”

It follows a spate of disclosures of data breaches in the private sector and moves from the new government to increase penalties ahead of wider privacy reforms next year.

Defence does not name the provider involved and is still analysing the dataset to determine how many people’s data was compromised and what information it contained.

“Initial discussions with the service provider indicate there is no evidence that the data of current and former APS staff and ADF personnel has been compromised,” the spokesperson said.

Defence Personnel minister Matt Keogh was more definitive, telling reporters an external contractor holding 30 to 40,000 records “has been the subject of a ransomware attack”.

“We haven’t seen any evidence of that information being made available to anyone as a result of that attack, but we just want to make sure that all Defence staff and personnel remain vigilant, and we’re working with that external contractor now to make sure we get the best picture of what has occurred so that they’ve got the best support to ensure the security of their data as well,” he said.

ForceNet is described by Defence as an “e-communications platform used to connect registered users within secure online communities”. It is available to Defence personnel and their families.

Based on the SiteCore web management system, the platform was developed between 2013 and 2015. Several other providers are also involved.

Assistant Minister for Defence Matt Thistlethwaite urged Defence personnel to remain vigilant but said there was no evidence of data being breached.

“ There’s no evidence of a data set being breached at this stage,” he told the ABC on Monday.

“However, of course, Defence is taking this very seriously and that’s why they’ve taken the prudent approach to notify all ADF personnel and they’re suggesting considering changing passwords and moving to two factor authentications and the like.”

Do you know more? Contact James Riley via Email.

Leave a Comment

Related stories