Scammers obtained the usernames and passwords to 15 employers’ accounts and used them to post fake job adverts.
This activity was picked up by internal security systems and immediately investigated. The department closed the relevant accounts and removed the job vacancies within 48 hours.
The department has this morning begun the process of notifying all affected employers and job seekers. No complaints of personal information being maliciously misused have been reported.
Online scams are an increasingly common threat of everyday life, and Australian Government sites such as jobactive are not immune to this risk. According to the Australian Competition and Consumer Commission (ACCC), online job scams account for approximately 60 per cent of all job and employment related scams.
The department takes IT security and the privacy of users seriously and has a comprehensive range of processes in place to monitor activity and remove compromised accounts.
Individuals should take all reasonable steps to protect their privacy. All job ads on the jobactive website are posted with a reminder for users not to provide their personal information online.
To help employers keep their accounts as safe as possible, the department is implementing two-factor authentication for employer accounts, commencing in early August.
Any employer or person looking for work on jobactive who suspects any unusual activity or possible malicious misuse of their personal information should report their concerns to the National Customer Service Line on 1800 805 260.