Labor Demands Explanation Over Alleged NDIS Portal Shutdown
10 September 2018 at 5:25 pm
Labor is demanding the federal government explain the ramifications of a privacy breach which allegedly saw an temporary shutdown of the National Disability Insurance Scheme online portal.
As reported by the Australian, a security flaw in the portal allowed fraudulent operators to “search random numbers” and “bring up private information” of people with disability and steal thousands of dollars.
“The portal flaw allowed any participant or registered provider to to guess a nine-digit plan number in the search function and bring up random support packages from participants,” the report said.
The National Disability Insurance Agency issued a notice of “enhancement” on their payments portal on Thursday night, and posted a memo apologising for any inconvenience it may have caused for users.
“The NDIA apologises for any inconvenience the temporary unavailability of the myplace provider portal may cause,” the memo said.
“This enhancement will assist you to more effectively find and link with the participant you are providing services to.”
Labor’s shadow social services minister, Linda Burney, said on Friday the Social Services Minister Paul Fletcher “needed to immediately” explain what the ramifications of this breach would be, and why the breach occurred in the first place.
“The NDIS exists to improve the lives of people with disability… the government should really have sorted these kinds of issues at this stage of the rollout,” Burney said.
“How many people were affected by this privacy breach? Have affected people been notified? Has fraud occurred and to what extent? When will the NDIA online system be functional again?” Burney said.
Minister Fletcher refused to provide direct comment to Pro Bono News on the matter, but a spokesperson for the minister said contrary to reports, the portal never closed down.
The NDIS also refused Pro Bono News’ request for comment, but in a statement released on their website on Thursday, said they had already identified a “small number” of providers who sought to exploit the NDIS.
“As a result of these ongoing investigations, a number of providers have been blocked from accessing payments while suspicious claims are being investigated, to ensure participants are protected,” the statement said.
It said the agency had commenced contacting a small number of impacted participants.
“The NDIA will ensure participants funds are reinstated, where appropriate, and is continuously improving systems and controls as the NDIS, a major national reform, is implemented across Australia,” it said.