AAPT confirms attack, through Melbourne IT
Uses SHOUTY CAPS to say purloined data is a year old, has not been online for ages
AAPT has issued a statement in which it confirms one of its servers has been attacked, and data downloaded.
Anonymous claims it is the perpetrator of the attack and has been promising imminent release of documents that it has hill embarrass the federal government.
AAPT CEO David Yuile has issued a statement that says, in SHOUTY CAPS, that:
IT WAS BROUGHT TO OUR ATTENTION BY OUR SERVICE PROVIDER, MELBOURNE IT, AT APPROXIMATELY 9.30PM LAST NIGHT THAT THERE HAD BEEN A SECURITY INCIDENT AND UNAUTHORISED ACCESS TO SOME AAPT BUSINESS CUSTOMER DATA STORED ON SERVERS AT MELBOURNE IT. AAPT IMMEDIATELY INSTRUCTED MELBOURNE IT TO SHUT DOWN THE SERVERS WHEN WE WERE NOTIFIED OF THE INCIDENT.
Yuile goes on to say that an internal investigation suggests just two files were accessed. The data they contain is described as "historic" and containing "limited personal customer information."
He also says the servers have not been connected to AAPT's networks for a year, nor accessed for that period.
All of which probably represents a lesson in virtual machine sprawl, but that's probably something to discuss another day.
Yuile says AAPT has told the authorities what's up, will get in touch with customers mentioned in the files and, in more SHOUTY CAPS:
"IS TREATING THIS MATTER WITH THE UTMOST SERIOUSNESS."
An Anon, meanwhile, told The Reg the data "will be leaked when it is leaked." ®
Sponsored: Customer Identity and Access Management