Authorities are investigating a "concerning" data leak that has resulted in the public release of dozens of high-profile phone numbers, including Prime Minister Anthony Albanese and Opposition leader Sussan Ley.
The information was allegedly obtained by a third-party data site using artificial intelligence to scrape sites, including social media profiles, for user details. It is then collated to create a digital phonebook.
Acting Prime Minister Richard Marles said the government was aware of the breach.
"We've notified authorities, and that is being worked through. But obviously, there is concern," he told reporters on Tuesday morning.
Acting Prime Minister Richard Marles said authorities are looking into the breach. Source: AAP / James Ross
It prompted Ley's office to request that LinkedIn "remove the information" from the Opposition leader's profile.
"This is obviously concerning, and we have reached out to LinkedIn to understand what occurred here. We are waiting for their response," an Opposition spokesperson said.
LinkedIn told SBS News that the third-party use of personal data is prohibited, with the platform having several measures in place to protect users.
"In addition to the technology and teams we've long had in place to stop unauthorised data scraping, we continue to invest in new defences and take legal action when necessary, to detect and prevent our members' information being used without their consent," a LinkedIn spokesperson said in a statement.
The security breach follows new data from the Australian Signals Directorate (ASD), which shows 42 per cent of cyber incidents last year were the result of stolen credentials.
The agency responsible for detecting and disrupting malicious cyber threats released its annual report on Tuesday, revealing a rise of 11 per cent in cyber incidents.
ASD director-general Abigail Bradshaw said the way cyber criminals and state actors are gaining access to organisations, critical infrastructure, and businesses is changing.
"Networks are increasingly not being hacked, but are being breached through compromised or stolen credentials to gain unauthorised access," she said.
In almost half of the incidents impacting large organisations, access was gained using real usernames and passwords, often stolen or bought by cyber criminals on the dark web.
Given that the access is genuine, instead of a hack, it is harder to track.
ASD urged Australians to opt out of using passwords and replace them with multi-factor authentication, among a series of other measures, to keep their families' data safe.
