News Nunc

<div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>A senior federal bureaucrat who dismissed her own department's cybersecurity advice and ordered a trove of parliamentary emails be released to a private company previously hacked by Russian criminals says she believed the risk assessment was "overrated".</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Jaala Hinchcliffe, the Parliamentary Services secretary, has conceded she should have sought advice from the clerk of the Senate before </span><a href="https://www.9news.com.au/national/sensitive-parliamentary-documents-handed-to-private-company-against-risk-advice/27f83256-4cd6-4ff7-8807-59b6647c1275" rel="" target="" title="instructing her department to send hundreds of thousands – possibly millions – of emails and documents to a third party"><span>instructing her department to send hundreds of thousands – possibly millions – of emails and documents to a third party</span></a><span>.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Hinchcliffe is now facing calls from the federal opposition for her conduct to be investigated.</span></div></div><div><div id="adspot-mobile-medium"></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><strong><span>READ MORE: </span></strong><a href="https://www.9news.com.au/national/sensitive-parliamentary-documents-handed-to-private-company-against-risk-advice/27f83256-4cd6-4ff7-8807-59b6647c1275" rel="" target="" title="Sensitive parliamentary documents handed to private company against risk advice"><strong><span>Sensitive parliamentary documents handed to private company against risk advice</span></strong></a><span></span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>And she has been instructed by parliament's presiding officers to retrieve the data for safe storage in parliament.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>As revealed by 9News, the </span><em><span>Sydney Morning Herald</span></em><span> and </span><em><span>The Age</span></em><span> last week, federal politicians are deeply concerned that their confidential communications may have been compromised.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Hinchcliffe was advised in September last year that giving a private contractor full administrator rights to the department's entire computer network posed an "extreme" risk of unlawful disclosure of sensitive information, including matters of national security.</span></div></div><div><div class="OUTBRAIN" data-reactroot="" data-src="//www.9news.com.au/national/jaala-hinchcliffe-dismissed-cybersecurity-advice-risk-assessment-overrated/4c7d9f75-64b1-44e0-b083-674ac53922f9" data-widget-id="AR_5"></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>There was particular concern among Department of Parliamentary Services (DPS) cybersecurity experts about handing the data to law firm HWL Ebsworth, given the company had been the victim of a massive cyberattack in April 2023 by a Russian-based ransomware group which stole 3.6TB of data.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>She ordered the IT department to grant access anyway.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>"I was of the view that the draft risk assessment that had been given to me had been overrated," Hinchcliffe told a parliamentary committee, saying the law firm had assured the department it had upgraded its security protocols.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><strong><span>READ MORE: </span></strong><a href="https://www.9news.com.au/national/quantum-computing-cyber-experts-raise-alarm-of-risks/8b554bd2-c28b-4d98-af9e-5ae8f15052d1" rel="" target="" title="The 4-word slogan that scares Aussie cyber experts"><strong><span>The 4-word slogan that scares Aussie cyber experts</span></strong></a><span></span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>The released data was analysed by TransPerfect, which had been subcontracted by HWL Ebsworth to find information to support an investigation into potential wrongdoing by senior DPS colleagues, including former DPS Secretary Rob Stefanic. </span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>All up, 170GB of parliamentary data was released from Parliament's computer network under Hinchcliffe's orders. Based on the average size of a plain-text email, up to two million emails may be contained in the cache.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Hinchcliffe has been told by parliament's presiding officers, Senate President Sue Lines and the Speaker of the House of Representatives, Milton Dick, to retrieve the emails from HWL Ebsworth.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Lines said she was "uncomfortable" about so much parliamentary data being held by a third party, especially when some of the material may be subject to special legal protection and immunity under so-called parliamentary privilege.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>"To satisfy all of us who are parliamentarians, and a potential issue of privilege, the data is best held here," she told the Senate Finance and Public Administration Legislation Committee.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>"It's of concern to me, so bringing it back here takes that concern away.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><strong><span>READ MORE: </span></strong><a href="https://www.9news.com.au/finance/private-credit-sector-failing-customers-asic-investigation/20427743-0030-4d64-b8fa-8839dd7c7e0a"><strong><span>Corporate watchdog warns $200 billion Aussie industry to lift its game</span></strong></a><strong><span></span></strong></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>"The speaker and I have been talking about this and we believe the data is best held in the parliament under the supervision of the clerks because that is what the parliamentarians expect."</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>The DPS data was taken out of parliament in three tranches – 299.7MB in June last year, 32.63GB in August last year and 136.95 GB in a "bulk extract process" over two days conducted by TransPerfect in late October/early November of last year.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Asked by Liberal senator James Paterson if she had sought advice on parliamentary privilege, Hinchcliffe said she had not, saying she had based her decision on "first principles" that MPs and senators' data would not be handed to an investigation being overseen by barrister Dr Fiona Roughley.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>"But I concede, given the concerns raised in this committee, that it would have been beneficial for me to have sought advice from the (Senate) clerk which I did not do," Hinchcliffe said.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Paterson responded: "Did you really prefer your own judgment over the clerk's judgment about the risk of parliamentary privilege?"</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><strong><span>READ MORE: </span></strong><a href="https://www.9news.com.au/world/us-election-results-donald-trump-virginia-new-jersey-live-updates-usa/1d7a9c41-2a83-40fd-bdee-49a5f77ab307"><strong><span>Trump has failed his first electoral test of his second term, and he isn't on the ballot</span></strong></a><strong><span></span></strong></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>She replied: "Senator, I've conceded that I didn't seek the advice of the clerks and that it would've been better placed if I had."</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Liberal senator Jane Hume said she was deeply concerned that the Senate president was not informed of the data extraction until after it had occurred, despite IT's risk assessment.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>"I would have thought that this would constitute further investigation as a potential breach of the department's code of conduct," Hume told the committee.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Lines said she would consider strengthening data handling protocols, "to make sure there is an oversight in place".</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Asked by Hume if she retained confidence in Hinchcliffe, Lines said: "Yes I do."</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Hume said she would formally request the Senate president seek advice from the Australian Public Service commissioner about whether Hinchcliffe had breached the department code of conduct. </span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><span>Hume said she would also seek to hold an inquiry into potential breaches of parliamentary privilege.</span></div></div><div class="block-content"><div class="styles__Container-sc-1ylecsg-0 goULFa"><a href="https://www.9news.com.au/national/how-to-follow-9news-digital/29855bb1-ad3d-4c38-bc25-3cb52af1216f" target="_blank"><strong><em><span>DOWNLOAD THE 9NEWS APP</span></em></strong></a><strong><em><span>:</span></em></strong><span> </span><em><strong><span>Stay across all the latest in breaking news, sport, politics and the weather via our news app and get notifications sent straight to your smartphone. Available on the</span></strong></em><span> </span><a href="https://apps.apple.com/au/app/9news/id1010533727" target="_blank"><strong><em><span>Apple App Store</span></em></strong></a><strong><span> </span></strong><strong><em><span>and</span></em></strong><strong><span> </span></strong><a href="https://play.google.com/store/apps/details?id=nineNewsAlerts.nine.com&hl=en_AU" target="_blank"><strong><em><span>Google Play</span></em></strong></a><strong><em><span>.</span></em></strong></div></div>

Bureaucrat who dismissed cybersecurity advice thought risk was 'overrated'

Optus outage impacts 34,000 services in parts of NSW

Bureaucrat who dismissed cybersecurity advice thought risk was 'overrated'

'Her name is law': Priya's parents win major change so no family suffers how they did

Calls for street named after disgraced former prince to be changed

Dramatic video shows 'catastrophic' UPS plane disaster that left at least 7 dead, 11 injured

Leave A Reply