Don’t wait to be hacked: choose a better password


Password Box in Internet Browser

Seven Australian officials caught up in the ISIS personal identity hack had passwords no government IT system should permit.

A group calling themselves the “Islamic State Hacking Division” published what it claimed were the personal details of thousands of individuals linked to the US government and military, which included seven email addresses ending in gov.au.

These seven individuals include one official from the Australian National Audit Office, two from the Department of Defence, one from the NSW Department of Family and Community Services, two from area health services under NSW Health and one Victorian Opposition frontbencher.

ISHD does not state how the details were obtained, but it does claim to also have credit card details and access to Facebook accounts of at least some on the list.

With the exception of one of the Defence officials, whose password was salted, the remaining had passwords that could at best be described as very easy to guess. They included:

FREE membership to The Mandarin

Receive unlimited access, get all the latest public sector news and features, plus The Juice, our daily news update sent direct to your inbox.

The Mandarin is where Australia's public sector leaders discuss their work and the issues faced within modern bureaucracy. Join today to discover the latest in public administration thinking and news from our dedicated reporters, current and former agency heads and senior executives.