Senator ELLISON (—Minister for Justice and Customs) (3.05 p.m.) —In September I responded to a question without notice related to the nature of information stored on two computer servers stolen from the Australian Customs Service premises at Mascot, New South Wales, in August 2003. In December last year, I issued a media release clarifying relevant details. I now table the media release and a further statement to which I alluded in that media release. I seek leave to incorporate them.

Leave granted.

The documents read as follows—

Following the theft of computer equipment from Australian Customs Service premises in Mascot in August 2003, which was investigated by the Australian Federal Police (AFP), I commissioned Signet Group International to undertake a review to investigate and report on the theft and the related security issues. In accordance with its Charter, the Defence Signals Directorate (DSD) was also asked to determine if the Customs computer network had been compromised and if so to what extent. During December 2003 I received the final Signet report and I can now clarify earlier information I provided on this matter. Given the length of the Parliamentary recess I made a public statement on this matter in late December 2003.

In answer to a number of questions on the theft I indicated among other things the function of the servers, nature of information held on them and referred to advice I had at that time that they did not retain documents or similar information including personal, business or national security information.

The report I have now received indicates that one of the servers did contain a large backup file of old email stored in November 2002. It appears that this file was temporarily stored on the servers during an upgrade and then inadvertently not removed.

The information about this file only came to light during DSD's examination of the backup tapes and could not be confirmed until DSD had completed its examination of the server hard disks after these had been recovered by the AFP. These were provided to DSD in early November and their report now confirms that the email file was on the server hard disk.

The emails relate to Customs business and some personal traffic. The report indicates that there is no evidence the thieves attempted to access any of the messages. Nevertheless the email file has now been reviewed and it has been confirmed that they do not contain any national security information.

DSD found that there was no evidence that the intruders accessed any data on the servers during or after the incident timeframe and no indication of an attempt to compromise the integrity of the Customs network or information, on or after the day of the theft.

The Signet Review found that the theft was purely criminal in nature and that neither national security information nor infrastructure was targeted.

The Review found that Customs is a responsible security practitioner; that its procedures at the national level are soundly based; and it complies with the Commonwealth Protective Security Manual (PSM). While the theft revealed some serious deficiencies at the Mascot office, they were facilitated by inside information provided by a former employee of the major IT contractor to Customs and it is doubtful that the theft could have been carried out successfully without this information. No Customs officer was implicated in the theft.

The AFP has charged two men with the theft.

Customs considers the theft at Mascot represents a serious breach of security and all recommendations from both Signet and DSD have been accepted. The majority have already been implemented and in addition, Customs has undertaken a security audit of all its 100 staffed sites.

—————

Senator the Hon. Chris Ellison

Minister for Justice and Customs

The Hon. Daryl Williams AM QC

Minister for Communications, Information Technology and the Arts

JOINT MEDIA RELEASE

Customs - theft of servers

A report to the Australian Government by the Defence Signals Directorate (DSD) has indicated that information stored on two computer servers which were stolen from Australian Customs Service premises in Link Road, Mascot, New South Wales in August 2003 did not contain any information relating to national security.

The report indicates that one of the servers did contain a backup file of old emails stored in November 2002. It appears that this file was temporarily stored on the server during a computer upgrade and then inadvertently not removed.

Advice provided to the Government indicates that information on this file only came to light during DSD's examination of the backup tapes, and its existence could not be confirmed until they had completed their examination of the servers' hard disks. These hard disks, recovered by the Australian Federal Police, were provided to DSD in early November. DSD's report now confirms that the email file was on the server's hard disk.

Advice provided to the Government indicates that the emails relate to Customs business and there is some personal traffic, all of which are somewhat out of date, having been stored in November 2002. The DSD report indicates that there is no evidence the thieves attempted to access any of the messages. Nevertheless, the email file has now been reviewed and it has been confirmed that it does not contain any national security information.

This statement is made to clarify previous statements made by the Minister for Justice and Customs and the then Attorney-General regarding information that was stored on the computer servers.

While the Ministers will make statements to this effect when Parliament resumes in 2004, it is appropriate that this information be made public now in order to clarify the record, given that it will be some time before Parliament resumes.