Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Thursday, 06 July 2017 11:23

Public data access will lead to breaches down the line


If the recent Medicare card episode does anything it should make the Australian Government stop and think – and realise that its push to have public data available on the Internet is going to lead to data breaches down the line.

Recent reports said that Medicare details were available for sale on a site on the dark web.

The government was caught on the hop when it surfaced that the Australian Taxation Office was reported to have told its staff that Medicare cards could not be used for identity verification after this information came to light.

But then the ATO quickly withdrew this advice – presumably because it did not gell with the statements being made by Human Services Minister Alan Tudge that all was well and no breach of any kind had occurred.

Tudge was at pains to try and spin the incident as being one of ordinary theft, maybe from a clinic or some place similar.

This points to confusion in government ranks, a situation where the right hand does not know what the left hand is doing. But that is a minor fallout.

Questions should, however, be raised about the crazy push to put public data on the Internet, especially in view of the increasing reports about data breaches, all at websites which were thought to be safe and secure beyond a doubt.

Having data at one's fingertips is very convenient. But convenience is, and has always been, the greatest enemy of security. Even the most junior security professional will tell you that.

Many security incidents occur because data is knowingly, or unknowingly, exposed on the Web. It is trivial to find unsecured data stores – some white hat hackers do it for a living.

From 22 February next year, it will become mandatory for government agencies and businesses/non-profits which have turnover of more than $3 million to disclose any data breaches.

But that will provide small comfort to the individual whose identity is stolen.

Putting data on an intranet is safer, but then again nothing is foolproof. The Stuxnet virus, which disrupted Iran's nuclear programme, was transmitted through an USB stick as the nuclear facility was not on any public network.

But the chances of data exfiltration are greater when a site is connected to the Internet. A little convenience will lead to a great deal of pain later on.

It is probably too much to expect a government, especially one as technologically naive as the one we have, to think seriously about the implications of public data access. But if more people raise doubts about the wisdom of doing so, maybe someone will notice.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments