The Australian body that administers welfare programs faces regular attacks from fraudsters and scammers using stolen personal ID information, according to a Senate Estimates hearing.
Services Australia confirmed on May 28 that it had endured 22 attempts at data breaches this year, down from the 85 in 2024-25, and the 56 incidents a year earlier.
Discussion on the topic was prompted by March media reports alleging an outsourced call centre acting on behalf of Centrelink had swept privacy breaches “under the rug” to protect keep its contract with the government body.
While the concerns were raised during Estimates by Liberal Senator Claire Chandler, Services Australia’s Acting General Manager of Operations Management Symone Andersen said there was “no immediate evidence” to substantiate them.
“So a whistleblower has been quoted in this article,” Chandler said.
“The quote says that, ‘There were many times when I was asked by my boss to essentially say that, ‘Yes, this occurred, but it’s not a privacy breach.’ When, according to our resources and our documentation, it is a privacy breach, and we should have reported it.'”
Andersen said Services Australia had undertaken additional quality assurance measures like random call sampling, but said there was no solid evidence found.
Fraud Attempts Growing More Sophisticated
While officials rejected suggestions privacy breaches were being deliberately concealed, the hearing also revealed the growing scale and sophistication of fraud attempts.
Chris Birrer, deputy CEO for payments and integrity, said fraud tactics had moved from grassroots level to more sophisticated methods.
“What we see increasingly is people attempting to impersonate others, and they do that either because of data breaches by companies that we see advertised, where you can buy on the dark web information about a broad range of people, and that can include identifying information that can be used in attempting to subvert the agency’s authentication process, including Medicare card numbers and the like,” Birrer said.
He said Services Australia was constantly monitoring for fraud, a measure that had even resulted in arrests.
“There was an operation where we were successful in searching back people who were sending out millions of text messages and disrupting that activity, where we then found [information] in the apartment,” he said.
“When a search warrant was executed, [there were] hundreds of SIM cards sending out messages, and that resulted in two people being imprisoned.
“Unfortunately, some of the people who were involved in that were conducting their activity from overseas through these people, and were beyond the reach of Australian law enforcement.”
“SIM farms” impersonate government services and send messages to tens of thousands of Australians a month.
Birrer also noted fraudsters had worked to exploit a new system developed to make access to the Medicare Card easier.
Birrer said there were a number of digital scams attempting to trick people into handing over their MyGov log-in details, alongside more amateur attempts by friends and even family members of victims who might try to impersonate someone known to them.
“We’ve got, sort of, protections in place and a layered defence that seeks to address all those risks, but the fact is that there are people who are persistent,” he told the hearing.
Friends Read Free
Copy
Facebook
Tweet
