Australian Crime Commission bungles revealed
A TOP national security agency has suffered a massive blow-out in breaches of its own security, exposing secret operations to outsiders in a trail of embarrassing Get Smart-style bungles.
Australian Crime Commission staff are increasingly compromising or risking investigations as classified intelligence documents are lost, sensitive equipment is misplaced or stolen, and buildings left exposed in often comical circumstances.
Breaches have risen six-fold over the past five years and include a stressed investigator with a full bladder hearing his car being broken into while urinating on a beach.
Secure cabinets have been left open, a package was sent to the wrong address and a sensitive video conference accidentally beamed into the wrong room.
In a "major security breach" in Melbourne last October, security minutes indicate the ACC was forced to suppress a person's information from the public, change their phone and re-register a vehicle after an investigator left intelligence papers on a car roof.
Left it on the bus
"I left carpark, inadvertently leaving the vehicle log book/folder on the roof tucked under the roof rack of the vehicle," the official explained. "An 'ACC HIGHLY PROTECTED' document has been placed within the vehicle log book/folder (instead of a secure briefcase)."
An investigation by The Daily Telegraph has learned the ACC has recorded at least 48 internal security breaches over the past two years after only 24 cases in the previous three.
Documents obtained under freedom of information reveal secure cabinets are left open and staff share security log-ins with unauthorised colleagues, risking a "severe impact on security and integrity".
The most common breach involved staff taking up to a month to report lost security ID passes for ACC offices after losing them in taxis, drains, buses, pubs, airports or on the way to the optometrist, while some cards were not returned by visitors.
Staff found guilty
In one of 25 cases last year - after rising from only four breaches in 2007 - a video conference was beamed into a room at the ACC Canberra HQ, where an outsider was waiting to be interviewed by human resources. "The interviewee was left alone unmonitored," a minute states.
ACC chief executive John Lawler yesterday admitted the number of breaches was too high but said all cases were reported and investigated because of a positive culture of self-reporting and awareness.
"While the number of security breaches is higher than I would like, I would much prefer to know of security breaches," he said. "The ACC places great importance on the security of its premises, people and information."
Three staff have been found guilty of code of conduct breaches, including the investigator with the full bladder who suffered a 2 per cent pay cut and reprimand, but most cases result in little more than staff counselling, such as the car roof error.
In April 2010, a senior investigator in Sydney left 110MB of files relating to the ACC stored on a laptop he had handed in.