
ATO finds accounting firms with data, cyber security breaches


The ATO has warned tax practitioners to take proactive measures with cyber security this tax time, after a spate of incidents involving accounting firms last year.

By Jotham Lian 10 minute read

Speaking on the ATO’s Tax Time Cyber Security webinar, ATO chief information security officer Jamie Norton said there were a number of breaches, ranging from insider threats to software intrusions, that have led to serious consequences for accounting firms.

In one instance last year, a cyber-criminal remotely authenticated to one of an accounting firm’s internet-facing servers, which was running Remote Desktop Protocol (RDP), by forcing their way past the username and password, which were weak.

In doing so, the cyber-criminal was able to access client payroll data, change payroll bank details, lodge fraudulent tax return amendments, and access SMSF account balances and roll them over to another superannuation account.

“Once the attackers did have access to a very insecure way of providing access to an organisation by using weak usernames and passwords, they were about to create a lot of havoc, do a lot of fraudulent activity and get a lot of money out of the organisations,” said Australian Cyber Security Centre (ACSC) director, Nathan Morelli.

“It really means that everyone is a potential target, that you’ve got to make that assumption in your organisation that your data is invaluable, that you need to protect it and that you should be prepared that an event will happen and who you need to contact, who you need to engage to restore your business in those situations.”

Further, Mr Norton also highlighted the risk of insider threats, where employees, either past or present, fraudulently access data.

“[There was an example of] an employee stealing client details, enabling them to use the AUSkey fraudulently and gain access to system. Whilst we were able to address that and cancel the AUSkeys, it nonetheless highlights how we need to remain vigilant and ensure we are securing client data,” said Mr Norton.

“If someone has left your organisation, if they have been terminated, make sure that passwords are changed for systems they may have access to because we do see scenarios where ex-employees are able to come in and potentially delete data or erase data.

“In the event of a breach, we recommend you contact us as soon as possible so we can take measures to protect your client records, government revenue and also superannuation investments. There are a number of activities we can take as the ATO to protect client information and data.”

Mandatory data breach laws came into effect earlier this year, and require firms to notify the Office of the Australian Information Commissioner (OAIC) and affected individuals of a data breach.

The Notifiable Data Breaches (NDB) scheme has significant application to tax professionals as it covers individuals who receive and handle tax file numbers (TFN), as well as entities covered by the Privacy Act.

According to the ACSC, 59 per cent of Australian businesses are interrupted by cyber breaches every month, with 80 per cent of hacking-related breaches involving weak or stolen passwords.

“Cyber-crime is estimated to cost Australian $1 billion each year and by some estimates the real impact to Australians can come up to $17 billion annually,” said Mr Morelli.

“Using strong passwords on all accounts and encouraging staff to do the same is one of the most simple and effective measures a business can take to protect themselves online.”



Jotham Lian is the editor of Accountants Daily, the leading source of breaking news, analysis and insight for Australian accounting professionals.

Before joining the team in 2017, Jotham wrote for a range of national mastheads including the Sydney Morning Herald, and Channel NewsAsia.
