Feeds

Australian Bureau of Statistics denies hacking report

A login isn't a 'hack' states stat specialist

Combat fraud and increase customer satisfaction

The Australian Bureau of Statistics has been forced, by dint of a misreading of 'attack statistics', to deny that hackers (including the ubiquitous Chinese variety) have accessed pre-release sensitive data such as unemployment or inflation rates.

Last week, the Australian Financial Review offered its readers a tale titled Cyber attacks hit Australian Bureau of Statistics.

The Register notes today's statement from the Bureau, published on its Website:

ABS responds to "Cyber attacks hit statistics bureau" (The Australian Financial Review, 26 April 2013 pg1)

Contrary to your article, 'Cyber attacks hit statistics bureau' (page 1, AFR 26 April 2013), there have been no successful attempts to gain access to market sensitive or other confidential data held by the Australian Bureau of Statistics.

The "AUSSTATS" database referred to in your article is a source of publicly available statistics. It does not hold any confidential data.

The "successful" attacks referred to in the article relate to external users attempting to connect to publicly available ABS services. The incidents were detected by the ABS due to the large number and random nature of the connection attempts. The attempts logged as successful related to valid connections. Attempted connections to the ABS homepage during this incident were reported as being successful by the ABS Security monitoring tool. These attempts posed no threat to the security of ABS data.

The AFR mentions the possibility that ABS user accounts had been compromised and used to attack ABS systems. The incident referred to in the AFR report relates to authorised users of ABS provided external services incorrectly entering their password when trying to access the system.

There's more, but the main point will certainly be understood.

Not only this, but the Fin followed up its original story with the same financial markets specialist portentously huffing that the Australian public has the “right to know” how much information has been “stolen”. It seems that in fact we do know: none at all. ®

Top three mobile application threats

More from The Register

next story
EU: Let's cost financial traders $400m a day, because EVIL BANKERS. Right?
Wait 'til this one hits your pension fund where it hurts
Systems meltdown plunges US immigration courts into pen-and-paper stone age
Massive outage could last four weeks, sources claim
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
UK.gov chucks £28m at F1 tech for buses and diggers plan
Well, not really F1 but who's heard of LMP and VLN*?
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.