After the threats, admissions and delays, hacktivists protesting the data retention scheme proposed by the Federal Government’s National Security Inquiry have begun dumping data gleaned from an Australian telco — presumably AAPT.
So far, the dump looks to be as large as we were promised: 40GB of customer data. Sources leaking the data say that there are over 600 tables of customer information set to be published, and after looking at the first few, it looks to be all business account information.
Update: Looks like this leak isn’t going to be the full 40GB we were promised. Sources are reporting that this is only a partial leak. So far we’ve seen the records of government and business customers leaked.
The drama began when hackers claiming to represent Anonymous began acting out on the Twitter hashtag intended for questions for Prime Minister Julia Gillard to answer during her first Google Plus Hangout.
The hackers wanted the Prime Minister to address their concerns regarding a plan proposed by Attorney-General Nicola Roxon floated two years ago that would force ISPs to retain customer browsing data for a period of two years. The data would presumably be used in law enforcement and cyber-security cases should they ever arise.
Roxon was only in initial talks with ISPs over the scheme when the story broke in 2010, but the plan reared its head once again last month when the Parliamentary Joint Committee on Intelligence and Security announced it would be investigating proposed changes to several key pieces of intelligence gathering legislation. Part of these proposed changes included the now-notorious data retention scheme.
Concerned members of the public were asked to contribute to the inquiry, but Anonymous instead decided to protest the proposed changes, rather than sit down for a chat.
Hackers representing Anonymous under the guise of Operation Australia hacked 10 Queensland government websites as a warm-up, saying that it was in protest of the state government tracking its citizens. Following the initial attack and defacement of the state’s online government property, we brought you the news that the hackers had put the local telco scene on notice.
A representative of the group said that it would soon hack and expose the customer records of a national telecommunications provider or ISP to demonstrate that data held by a telco as it would be under the data retention scheme can be breached and exposed online.
A day passed with no word, before the group hinted that the organisation it had breached was in fact AAPT.
Hours later, AAPT’s CEO David Yuile came forward with a statement, saying that one of its servers housed at Melbourne IT had been breached, and the loss of historic customer records had occurred. An investigation kicked off into the breach, but at no time did the telco say that the breach was the work of Anonymous.
Skip ahead to now, and Anonymous is in the process of dumping government and business customer data onto Pastebin for the world to see. This episode is far from over, however. We’re likely to see more data trickle out over the coming days.