Alleged problems with Australia’s myGov responsible for $373M losses

Australia has reportedly admitted that the nation has been defrauded of at least AU$557 million (US$373 million) in just the last two years.

Investigative journalists with the Australian broadcaster ABC say the government have acknowledged the problem. The broadcaster says “a glaring security gap” allowed the theft.

Fraudsters allegedly created fake accounts with the Australian Taxation Office in the government’s single sign-on service, myGov. The service was created to make it easier and more secure to access government programs, including those offered by the ATO, online.

The criminals reportedly linked the false accounts to the tax records of genuine people. According to the ABC, credentials stolen in previous hacks – notably Medibank and Optus – helped criminals get past ATO gates.

It reportedly took a Freedom of Information petition to get the information.

Last fiscal year, 2022-2023, $320 million ($214 million) was stolen using 8,100 tax accounts. In the previous year, $237 million ($159 million) was illegally taken by accessing 7,500 accounts.

According to its own figures, the government was able to stop 22,000 illegal transfers, or 0.17 percent of total fraudulent TAO transactions, over the two years.

Journalists so far have access only to the latest government figures, which only go up to February, which means the fraud total could rise.

The United States has had historic fraud losses, but it was directly tied to emergency Covid aid and did not necessarily involve its own single sign-on service, Login.gov.

Article Topics

Australia  |  digital identity  |  fraud prevention  |  identity verification  |  myGov (Australia)  |  myGovID