TRANSPORT PLAN CONFIDENTIAL DOCUMENTS
Mr GERARD MARTIN:
My question is to the Minister for Roads and Transport. What is the Government's response to community concerns about an alleged computer hacking incident and the release last weekend of confidential documents relating to the transport plan?
Mr DAVID CAMPBELL:
Members would be aware that on Saturday morning Sydneysiders awoke to read a headline in the Sydney Morning Herald
Revealed: Keneally's transport blueprint.
Within the front page article was a key paragraph, which read:
Yesterday, the Herald obtained key Government announcements, which had been uploaded accidentally to a new website "Shape Your State" at www.nswtransportblueprint.com.au registered to a company called Bang The Table.
This is incorrect. And it seems that the article is not an accurate reflection of what actually happened. Yesterday the contractor, information technology [IT] private sector company Bang the Table, which is responsible for the website, referred this matter to the New South Wales Police Force. By way of background, I am advised that there were two days of IT attacks on the website firewall security that began on Thursday 18 February at 8.44 p.m. and continued until around midday on Friday 19 February. At that time, the website was not live. It was a secure site, as it was under construction. Contrary to the newspaper's claim, I am advised by Bang the Table that at no time was the website available to casual viewers.
On the advice provided by Bang the Table, it seems that the only way to enter the site was to hack into it. And allegedly someone did. It was not a one-off but a concerted effort. An internal investigation by Bang the Table found a total of 3,727 unauthorised hits on the website's firewall security over a two-day period—18 and 19 February. That is akin to 3,727 attempts to pick the lock of a secure office to take highly confidential documents.
Order! The House will come to order.
Mr DAVID CAMPBELL:
I am advised that Bang the Table's report outlined that the attacks were sourced from four different Internet protocol [IP] addresses in Sydney and Melbourne, a person using a Sydney media IP address hit the site 209 times, on Friday 19 February an unknown person using a Sydney media IP address entered the secure site for 21 minutes from 1.02 p.m. unti1 1.23 p.m. and accessed confidential Government information, the site was attacked 183 times in less than two minutes on one occasion and 488 times in another two-minute period, reports by the newspaper that the documents were "uploaded accidentally" were incorrect and a user at the Sydney media IP address gained unauthorised access to Government information. We await the findings of the police investigation.