Scammers obtained the usernames and passwords to 15 employers’ accounts and used them to post fake job adverts. The department notifed all affected employers and jobseekers and no complaints of personal information being misused have been reported.
While investigating this matter, the department also identified that the scammers would have had the opportunity to access job applications previously made to the 15 employers, though the department has found no evidence of that access having occurred.
As soon as the fraudulent activity was detected, the department immediately closed the relevant accounts and removed the relevant job vacancies from the website.
The department takes IT (information technology) security and the privacy of users seriously and has a comprehensive range of processes in place to monitor activity and remove compromised accounts. In August 2018, the department implemented two-factor authentication for employer accounts to help keep employer accounts as safe as possible.
Online scams are an increasingly common threat of everyday life, and Australian Government sites such as jobactive are not immune to this risk. According to the Australian Competition and Consumer Commission, online job scams account for approximately 60 percent of all job and employment related scams.
Individuals should take all reasonable steps to protect their privacy. All job ads on the jobactive website are posted with a reminder for users not to provide personal information online.
Any employer or person who suspects any unusual activity or possible malicious misuse of your personal information, in relation to this incident, should report their concerns to the National Customer Service Line on 1800 805 260.