Australian Defence Force communications app hit by ransomware attack

The ForceNet service, an internal communication platform run by an external provider, was targeted by hackers earlier this month and revealed to staff on Monday.

A 2018 dataset, containing the personal information of current and former Australian Defence Force members and Department of Defence public servants, may have been part of a ransomware attack on the external contractor.

The platform is said to hold around 30,000 to 40,000 records but a Defence Department spokesperson said initial discussions with the provider indicate there's no evidence the data has been breached.

Inquiries are underway to better understand what the data might have included.

"Defence is taking this matter very seriously and is working with the provider to determine the extent of the attack," the spokesperson said.

"Defence is examining the contents of the 2018 ForceNet dataset and what personal information it contains."

In an email to all staff on Monday, Defence secretary Greg Moriarty and Chief of the Defence Force General Angus Campbell said the matter was being taken "very seriously".

READ MORE:

Assistant Defence Minister Matt Thistlethwaite publicly confirmed the cyber attack on Monday morning but stressed no Defence systems had been compromised.

"At this stage, there is no evidence that the data set has been breached - that's the data that this company holds on behalf of Defence," he said on ABC radio.

"Defence is taking this very seriously and that's why they've taken the prudent approach to notify all ADF personnel and they're suggesting considering changing passwords and moving to two-factor authentications."

The junior minister also confirmed personnel could reach out for additional support from IDCare - an identity theft support service - if they believe they've been affected.

The ForceNet platform is described as a "communications tool used to connect registered departmental and other authorised users within secure online communities".