Access to more than 3600 MyGov accounts is being sold on the dark web, potentially exposing thousands of Australians to fraud and identity theft.
MyGov accounts are on a list of more than 150.000 broken ".com.au" links available for sale on the dark web, where logins sell for just a few minutes to several hundred dollars.
MyGov, released in 2013, serves as a gateway to a number of sensitive government servicessuch as the tax office, Centrelink, Medicare, the National Disability Insurance System and My Health Records.
"Each subscription service has its own fraud detection capabilities," said Australian Director General Hank Jongen. services they had to be linked to a person's MyGov account to be accessible.
Mr Jongen said that while he would not comment on "specific companies in cyberspace", "Services Australia" was provided with information showing the ongoing activity on the dark web ”.
The breached accounts were located by the Israeli intelligence company KELA, which specializes in dark web threat intelligence.
The head of KELA's intelligence team, Elad Ezrahi, said MyGov accounts had been extracted from more than 2000 compromised computers or bots.
"The threatening factors behind these platforms are likely to acquire this data either by running their own infrastructure botnet "Or buying stolen credentials from other agents," said Ezrahi.
The data can be used by an intruder for various malicious activities, depending on the motives of the intruders.
"For example, an attacker who buys a bot, with compromised accounts for the my.gov.au portal, could use the victim's data for identity theft and to carry out various fraudulent activities."
Mr Jongen said if people suspected that their MyGov accounts had been compromised, they should contact Scams and Identity Theft Helpdesk.
"This group can quickly revoke an account and disconnect member services to prevent further access," he said.
The logins seen by The Australian Financial Review include banks, government agencies, stores telecommunications and e-commerce. The most recent data was from the end of May 2020. For legal reasons no data were purchased to confirm authenticity.
His pandemic COVID-19 has proved beneficial to them hackers as millions of employees work remotely, with information company Cybel reporting that more than 500.000 Zoom accounts are available for sale online.
The average prices for a range of products for sale on the dark web are: fake passports ($ 1500), driver's licenses ($ 550), credit cards ($ 35) and email ($ 55).
Australia's Australian Cyber Security Center issued a warning in November stating an increase in usage malware associated with botnet.