logo
ENFRع
#

Latest news with #ClivePalmer

Trumpet of Patriots hack: calls for political parties to be forced to report data breaches
Trumpet of Patriots hack: calls for political parties to be forced to report data breaches

The Guardian

time4 days ago

  • Politics
  • The Guardian

Trumpet of Patriots hack: calls for political parties to be forced to report data breaches

More than two years before the data breach of Clive Palmer's Trumpet of Patriots and United Australia parties, the federal government was warned that there was a significant risk to political parties – which are exempt from many data protection obligations – holding sensitive information on voters. The ransomware attack on Trumpet of Patriots earlier this month was the first time Australians became aware of a major data breach of any political party. It only became public information because the party decided to report it. The attack also affected the United Australia party. Supporters were told that data obtained in the attack could include email addresses, phone numbers, identity records, banking records, employment history, and other documents, but that the party was unsure of the amount of information compromised. It is unclear whether Palmer's political parties were required to publicly report the breaches at all. Under the Australian Privacy Act, political parties are exempt from reporting on data breaches and many of the obligations under the act that govern how personal information must be handled. The United Australia party was deregistered at the time of the attack, meaning the exemption it previously held may no longer apply, but the Office of the Australian Information Commissioner could not comment on whether that was the case. Sign up: AU Breaking News email A 2022 attorney general's department report on privacy law reform highlighted that the broad political party exemption was a growing risk, as political parties potentially hold vast amounts of sensitive data including profiling on people to target in the electorate. The report found 'almost all' of the submissions to its inquiry said the exemption was not justifiable and should be narrowed or removed, and the inquiry heard there was 'no clear reason why parties should not be accountable for keeping personal information secure'. The policy thinktank Reset Australia warned in its submission that malicious actors could exploit the weaknesses in party security to interfere in democratic processes. The attorney general's department recommended a narrowing of the exemption for political parties, including requiring parties to protect personal information, take reasonable steps to destroy personal information when no longer needed and comply with the notifiable data breach scheme to report a breach when it happens. Tom Sulston, head of policy at Digital Rights Watch, said the Trumpet of Patriots breach was a 'clear demonstration that it is no longer acceptable for political parties to enjoy an exemption from Australia's Privacy Act'. 'Political parties not only have privileged access to the electoral roll and thereby the personal information of all voters, but also, through their memberships and organising systems, data about our political beliefs and demographics,' he said. The information obtained by parties was very valuable, he said, and could be dangerous for those who were profiled by the parties. 'Most political parties … do take seriously their responsibilities to look after our data: the federal government regularly distributes grants to parties to help them secure their systems,' he said. 'So the good news is that removing their exemption from the Privacy Act won't actually cause them a huge amount of effort or trouble.' Sulston said removing the exemption would ensure people were informed if their data was lost, and those people could then seek legal or financial remedies. 'That's much more robust than relying on parties' goodwill or desire to avoid bad publicity.' Sign up to Breaking News Australia Get the most important news as it breaks after newsletter promotion When the Albanese government responded to the Privacy Act review report in 2023, it agreed with many of the other recommendations in the report, but the political exemption recommendations were merely 'noted', and the first tranche of privacy changes passed in the last parliament did not include a change to the political exemption. The privacy commissioner, Carly Kind, said it was worth assessing whether political parties should keep the exemption. 'As the Australian community reels from successive breaches of their personal information, it is worth querying whether it is appropriate that political parties enjoy an exemption from privacy law,' she said. 'The exemption is not only out of step with community expectations, it is not reflective of the nature and scope of risks to Australians' privacy in the digital era.' Kind said the community wanted more, not less, privacy protection. 'With each new data breach we are reminded of the need for Australian organisations and agencies to continue to uplift their privacy and cybersecurity practices.' Sulston said the government's response to the attorney general's deparment's recommendations was 'profoundly inadequate'. 'Reporting of breaches is a bare minimum that we should expect of organisations that hold our data,' he said. 'The government should make good use of their majority to push through the second tranche of privacy reforms, and include removing the parties' exemptions.' The attorney general, Michelle Rowland, told Sky News on Sunday that a second tranche would focus on privacy in relation to online platforms like Google, Facebook and Instagram, stating Australians are 'sick and tired of their personal information not only being exploited for benefit by third parties, but also the way in which that information is not being protected'. A spokesperson for Rowland would not confirm whether changes to the political party exemption would feature in the second tranche of legislation. 'The government will continue work on a further tranche of reforms, to ensure Australia's privacy laws are fit for purpose in the digital age,' they said. Trumpet of Patriots was contacted for comment.

Clive Palmer's Mineralogy and Queensland Nickel Group say data stolen in cyber attack
Clive Palmer's Mineralogy and Queensland Nickel Group say data stolen in cyber attack

ABC News

time5 days ago

  • Business
  • ABC News

Clive Palmer's Mineralogy and Queensland Nickel Group say data stolen in cyber attack

The personal details of Clive Palmer's employees and associates, including bank records, may have been compromised during a ransomware cyber-attack last month. The data breach encompassed Mr Palmer's political parties and 11 entities associated with the entrepreneur and politician including Mineralogy and Queensland Nickel Group. A statement posted to the Mineralogy and Queensland Nickel websites said the breach extended to Waratah Coal Pty Ltd, Central Queensland Coal, Gladstone Pacific Nickel Limited, Palmer Coolum Resort, Blue Star Line, Palmer Motorama, Ausface, Drewmaster Pty Ltd, and Zeph Group entities. "The data records potentially include all emails to and from the Mineralogy and Queensland Nickel Group entities including their attachments," the statement read. Mineralogy and Queensland Nickel said they had secured systems and reported breaches to the Office of the Australian Information Commissioner (OAIC) and the Australian Signals Directorate. Monash University cybersecurity expert Professor Nigel Phair said people associated with Mr Palmer's companies and political parties will not know if their data has been affected. "Once it's out there in the world the cyber criminals will use it for a variety of mechanisms," Dr Phair said. "We've really got no power in this, we can just be hyper-vigilant." It remains unclear whether any compromised data had been published by cyber criminals. Mineralogy and Queensland Nickel Group entities have been contacted for further comment. Dr Phair said unsophisticated cyber attacks on corporates had become too common. Dr Phair said Australia had enough legislation to hold corporates to account when data was not secured adequately. "We just need the legislation policed," he said. "The Australian Information Commissioner operates a notifiable data breach scheme, and they've got penalties including enforceable undertakings and in some cases fines of up to $50 million. "We haven't seen any fines handed out to organisations yet so it would be good to see a lot more of that happening." The Office of the Australian Information Commissioner said it was focused on ensuring all individuals were notified. An Australian Federal Police spokesperson said the AFP had not received a report of a crime in relation to the matter.

Aussies urged to monitor their bank accounts after Clive Palmer hack
Aussies urged to monitor their bank accounts after Clive Palmer hack

Daily Mail​

time18-07-2025

  • Politics
  • Daily Mail​

Aussies urged to monitor their bank accounts after Clive Palmer hack

Australians have been urged to monitor their bank accounts for suspicious activity after cybercriminals targeted companies belonging to billionaire Clive Palmer. Palmer's two multi-million dollar political ventures, the United Australia Party (UAP) and Trumpet of Patriots (TOP), fell victim to a ransomware breach on June 23. The hack is believed to have exposed vast amounts of personal data, including bank details, identity documents and confidential correspondence. Details have only just been made public after the parties admitted they could not determine the full extent of the damage or identify all those affected. In a statement to supporters, TOP revealed that 'unauthorized access' was detected on their servers and that 'years' worth of sensitive documents have been stolen. 'We do not know comprehensively what information of yours was on the server but you should assume that any information you have provided would have been stored on the server,' the statement read. TOP said it did not keep a record of whose details were on the server, saying it was 'impracticable' to attempt to notify those affected individually. The parties confirmed that all emails to and from their systems, along with their attachments and internal documents, may have been accessed or downloaded. In the wake of the attack, the parties say they have secured their systems and restored data using backup tapes. The incident has been reported to the Office of the Australian Information Commissioner (OAIC) and the Australian Signals Directorate. Australians who have ever contacted or supported the UAP or Trumpet of Patriots are being urged to take precautionary steps, including changing passwords, enabling multi-factor authentication, and monitoring bank accounts for suspicious activity. Both the UAP and TOP have long courted controversy for its bizarre policy stances, anti-lockdown campaigns and populist rhetoric. During election campaigns, the party became notorious for bombarding millions of Australians with mass text messages, a tactic that skirts anti-spam laws by exploiting exemptions for electoral communication . It is not known if the database of text messages owned by TOP or UAP was compromised in the hack last month. Ironically, the party has urged those impacted to remain on guard from messages sent by political parties. 'Please remain alert especially with email, text messages or phone calls, particularly where the sender or call purports to be from the Political Parties,' it said. The Trumpet of Patriots failed to win a single seat in the House of Representatives in the 2025 election, despite sending $60 million on ads. In 2022, the then United Australia Party won just one seat in the Senate, after splashing a whopping $120 million on campaign efforts. In 2021, the party claimed it had more than 80,000 members. Daily Mail Australia has contacted the Trumpet of Patriots for comment.

Aussies urged to monitor their bank accounts for 'suspicious activity' after Clive Palmer hacked by cybercriminals
Aussies urged to monitor their bank accounts for 'suspicious activity' after Clive Palmer hacked by cybercriminals

Daily Mail​

time18-07-2025

  • Politics
  • Daily Mail​

Aussies urged to monitor their bank accounts for 'suspicious activity' after Clive Palmer hacked by cybercriminals

Australians have been urged to monitor their bank accounts for suspicious activity after cybercriminals targeted companies belonging to billionaire Clive Palmer. Palmer's two multi-million dollar political ventures, the United Australia Party (UAP) and Trumpet of Patriots (TOP), fell victim to a ransomware breach on June 23. The hack is believed to have exposed vast amounts of personal data, including bank details, identity documents and confidential correspondence. Details have only just been made public after the parties admitted they could not determine the full extent of the damage or identify all those affected. In a statement to supporters, TOP revealed that 'unauthorised access' was detected on their servers and that 'years' worth of sensitive documents have been stolen. 'We do not know comprehensively what information of yours was on the server but you should assume that any information you have provided would have been stored on the server,' the statement read. TOP said it did not keep a record of whose details were on the server, saying it was 'impracticable' to attempt to notify those affected individually. The parties confirmed that all emails to and from their systems, along with their attachments and internal documents, may have been accessed or downloaded. In the wake of the attack, the parties say they have secured their systems and restored data using backup tapes. The incident has been reported to the Office of the Australian Information Commissioner (OAIC) and the Australian Signals Directorate. Australians who have ever contacted or supported the UAP or Trumpet of Patriots are being urged to take precautionary steps, including changing passwords, enabling multi-factor authentication, and monitoring bank accounts for suspicious activity. Both the UAP and TOP have long courted controversy for its bizarre policy stances, anti-lockdown campaigns and populist rhetoric. During election campaigns, the party became notorious for bombarding millions of Australians with mass text messages, a tactic that skirts anti-spam laws by exploiting exemptions for electoral communication. It is not known if the database of text messages owned by TOP or UAP was compromised in the hack last month. Ironically, the party has urged those impacted to remain on guard from messages sent by political parties. 'Please remain alert especially with email, text messages or phone calls, particularly where the sender or call purports to be from the Political Parties,' it said. The Trumpet of Patriots failed to win a single seat in the House of Representatives in the 2025 election, despite sending $60million on ads. In 2022, the then United Australia Party won just one seat in the Senate, after splashing a whopping $120million on campaign efforts. In 2021, the party claimed it had more than 80,000 members.

Clive Palmer's United Australia Party, Trumpet of Patriots hit in ‘ransomware cyber attack'
Clive Palmer's United Australia Party, Trumpet of Patriots hit in ‘ransomware cyber attack'

News.com.au

time17-07-2025

  • Politics
  • News.com.au

Clive Palmer's United Australia Party, Trumpet of Patriots hit in ‘ransomware cyber attack'

Clive Palmer's two political parties – the Trumpet of Patriots and United Australia Party (UAP) – have been targeted in a 'ransomware cyber attack'. The UAP and Trumpet of Patriots confirmed it had identified an unauthorised access to its servers on June 23. 'We identified unauthorised access to our servers resulting in access to, and the possible exfiltration of, certain data records,' the statement read. 'We were the subject of a ransomware cyber attack.' The data records breached in the hack potentially include all emails to and from the political parties - including their attachments - and documents and records created and or held electronically by the political parties at any time in the past, the statement continued. The parties confirmed the breach may include people's personal information, including email address, phone number, identity and banking records, documents and employment history. However, UAP and Trumpet for Patriots have said they were unsure what hackers accessed during the breach. 'We do not know comprehensively what information of yours was on the server, but you should assume that any information you have provided would have been stored on the server,' the statement read. The political parties said because they 'do not keep records' of the individuals who were on the server, they 'determined it is impracticable to notify individuals'. Instead, they said they have 'secured our systems and restored recoverable data from back up tapes'. They have also reported the breach to the Office of the Australian Information Commissioner (OAIC) and to the Australian Signals Directorate. Affected people have been urged to monitor their bank accounts, change their passwords and enable two-factor authentication as a precaution. 'We recommend that you review your communications (emails and mail) with us to identify any information you have provided to us and consider what other information might be affected,' the parties said. 'We recommend you carefully consider whether you need to take any action in response to the data breach on the assumption that the hackers may have accessed your data. 'We urge you to follow general precautionary steps and remain vigilant about the misuse of your personal information.'

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into a world of global content with local flavor? Download Daily8 app today from your preferred app store and start exploring.
app-storeplay-store