This is an HTML version of an attachment to the Freedom of Information request 'Tax Agent Portal security'.

______________________________________________  
From: Becker, John
Sent: Tuesday, 29 January 2013 16:04
To: Diment, David
Subject: Daily update - Auskey issue [DLM=FOR-OFFICIAL-USE-ONLY]
Importance: High
 
David, 
 
Daily progress update for today.  
 
Media and stakeholder approach 
 
  Privacy Commissioner updated
  Appointment with Jenny Reid and Cameron Sorenson arranged for tomorrow (Jenny off today) to bring together
    Broader media communication strategy
    T/A strategy
    Minister briefing (draft prepared)
  [FOIA s 37(1 letter – John Box (SNC) preparing
 
Communication and Update process 
 
  Overall briefing paper as at 25th January provided this morning 
  1st daily briefing update provided 
  Arranged follow up with Todd Heather Thursday morning to establish a plan to 
investigate online access security 
 
Other Actions 
  Hook-up undertaken with John Box (SNC) and Chris Barlow (ITX). Will work with 
Cameron Sorenson tomorrow to contact [FOIA s 47G(1)(a)] agent again, via a senior ATO 
officer, [FOIA s 37(1)(a)]
  
  Further work underway to articulate the level of risk and options in managing should the 
[FOIA s 37(1)(a)]

  Key AC hook – up arranged tomorrow to commence project plan 
  Process maps prepared for AUSkey process, will be worked through at Thursdays EL2 
workshop 
  Daily sweeps and analysis seems to be holding. Exploring further post event assurances 
to cover broader client base without stopping everything outside of the direct risk group. 
 
regards 
 
 
John Becker 
Assistant Commissioner  
Enterprise Register and Accounts 
Client Account Services 
       08 820 81348  [FOIA s 47F(1)] 
       [email address] 
       www.ato.gov.au  
 
CAS  I At the Heart of the ATO   
ATO  I Working for all Australians  
 

_____________________________________________  
From: Becker, John
Sent: Thursday, 31 January 2013 18:59
To: Quigley, Bruce; Leeper, Geoff
Cc: Diment, David; Ravanello, Robert; Field, Cheryl-Lea; Heather, Todd; Holland, Erin; Reid, Jenny
Subject: FW: Daily update 31 Jan - Auskey issue [DLM=SENSITIVE]
Importance: High
 
Geoff and Bruce 
 
By Monday we expect to have the daily updates consolidated into a spreadsheet so we 
can maintain a detailed record/log of our action. We would include for each action; 
  Date initiated
  Who has been allocated the activity and when it's expected to be complete
  Date completed
  Summary of activity (finding, impact, etc…) and any relevant attachments
 
Apologies for a fairly weighty update but there has been significant progress today.  
 
Media and stakeholder approach 
 
  A heads up has been provided to the Minister’s office today by Jenny Reid via 
the Departmental Liaison Officer. Further detailed briefing is to be provided next 
week before the Tax Agent broadcast 
  The Tax Agent broadcast is in preparation, early draft completed today (Jenny 
Reid) in conjunction with Cameron Sorensen and John Becker – Request for Tax 
Agents to check their AUSkeys through Credential Manager. A workshop is 
scheduled tomorrow at 12pm with Donna Lawrie (TPALs), Lynne Jones (CAS 
Outbound) and Heather McCafferty (CAS) to design our help desk and escalation 
point response in support, through a designated access number. Expect a final 
draft of the broadcast tomorrow for issue early next week. 
  Met with Paul Malone (FP&II) His team will be provided with the daily update and 
a coordinated approach to any crossover issues will be undertaken. 
 
Interim Mitigation strategy 
 
  Key EL2 group met today and agreed a strategy to manage the risk until broader 
options are worked through. This will be tested and ratified by the AC group 
meeting Monday. 
  A process map for the incident including relationship picture is being drafted 
for confirmation before distribution. 
  Individual TFNs of agents affected have had their records compromised and 
associated improper AUSkeys cancelled. This should prevent additional 
AUSkeys issuing at this stage for these practices. 
  A tax agent broadcast is being developed to flush out any additional 
fraudulent AUSkeys that are already in place with agents, and encourage 
increased vigilance by the agent community themselves. 
  We will cease provision of TFN over the phone for tax agents. This seems to 
have been a major feature of the fraudulent AUSkeys. Initial consideration 
would indicate it unlikely that a tax agent would not know their TFN. In the 
small number of circumstances (if any) where an agent is genuinely querying 

regards
John Becker
Assistant Commissioner 
Enterprise Register and Accounts
Client Account Services
       08 820 81348   [FOIA s 47F(1)]
       [email address]
       www.ato.gov.au 
CAS  I At the Heart of the ATO  
ATO  I Working for all Australians 

Date
Summary
4-Feb-13
Media and stakeholder approach
Interim Mitigation Strategy - Tax agents
Interim Mitigation Strategy - Business portal

Activity/Action
Responsibility 

Estimated completion date
Completion date

[FOIA s 37(1)(a)] action register.xls
Summary
Activity/Action
Responsibility 
31-Jan-13

Media and stakeholder approach

Minister provided with briefing
  Activity/Action: The minister has been provided with a heads up by Jenny Reid via the Departmental Liaison Officer
  Responsibility: Jenny Reid

Taxagent broadcast
  Activity/Action: A taxagent broadcast has been developed and is in draft form, 'Request for Tax Agents to check their AUSkeys through Credential Manager'. This is expected to be in final draft tomorrow (1/2/2013) for issue early next week.
  Responsibility: Jenny Reid, John Becker, Cameron Sorensen

Escalation point and help desk response
  Activity/Action: A workshop has been scheduled tomorrow (1/2/2013) to design help desk and escalation point to manage response through a designated access number.
  Responsibility: Donna Lawrie (TPALS), Lynne Jones (CAS Outbound), Heather McCafferty (CAS)

Fraud Prevention and Internal Investigation
  Activity/Action: Daily updates will be provided to Paul Malone and his team, and a coordinated approach to any crossover issues will be undertaken as per the discussion held with him today.
  Responsibility: John Becker

Interim Mitigation Strategy

Key EL2 meeting
  Activity/Action: Agreed a strategy to manage the risk until broader options are worked through. (outlined below) These will be tested and ratified by the Key AC meeting on Monday (4/2)
  Responsibility: John Becker

Document process
  Activity/Action: Heather McCafferty (CAS) and Gary Read (SNC) to document process (outlined below) we propose to implement ASAP by next week.
  Responsibility: Heather McCafferty, Gary Read

Develop process map
  Activity/Action: A process map for the incident including a relationship picture is being drafted.
  Responsibility: John Becker

Compromise individual taxagent TFN's and improper Auskeys cancelled
  Activity/Action: Tax officers have marked the tax agents TFN as compromised and any associated AUSkeys cancelled. No further AUSkeys are to be issued to these tax agents.
  Responsibility: John Becker

Taxagent broadcast
  Activity/Action: Develop tax agent broadcast targeted at flushing out any additional fraudulent AUSkeys, and encourage increased vigilance by the agent community.
  Responsibility: Jenny Reid, John Becker, Cameron Sorensen

Cease provision of TFN's over the phone for taxagents
  Activity/Action: No longer provide client TFNs over the phone to tax agents. In the small number of circumstances where the query is genuine, tax officers will provide contact via a known safe phone number of the agents.
  Responsibility: John Becker
Previous Activity
For official use only
Met with Assistant Commissioner of Public Affairs in Corporate Relations
  Activity/Action: Preparation of the following;
    - Minister heads up for Geoff Leeper
    - Minister briefing for next week
    - tax agent strategy, including a bulletin with a dedicated response phone line
    - broader media communication strategy including scenario planning as understanding of extent of incident grows
  Responsibility: Jenny Reid (CR), John Becker, Cameron Sorensen

Communication and update process

Meeting with EST
  Activity/Action: Discussion on the investigation and documenting of online access security risks and options relating to this issue with Todd Heather and Len Kleinman.
  Responsibility: John Becker

Updating the Chief Operating Officer
  Activity/Action: Update provided to the Chief Operating Officer, Robert Ravanello on his return from leave
  Responsibility: David Diment, John Becker

Other action

Meeting with [FOIA s 47G(1)(a)] agent
  Activity/Action: Confirmation that a face to face meeting needed to occur with the agent from [FOIA s 47G(1)(a)], [FOIA s 37(1)(a)] Agreed TPALs director and David Jordan (CAS) to visit preferably Friday.
  Responsibility: John Box, Cameron Sorensen, Chris Barlow, John Becker

Key EL2 meeting
  Activity/Action: Meeting to be held tomorrow (31/1) to firm up a process map of the fraud and establish an interim mitigation. Process maps prepared for the AUSkey process will be worked through at this meeting.
  Responsibility: John Becker

Key AC meeting
  Activity/Action: Meeting to be held Monday (4/2) to confirm mitigation plan both short and long term.
  Responsibility: John Becker

Exploring further analysis
  Activity/Action: Daily sweeps and data analysis seems to be holding. Further risk factors are to be considered across 3 tiers - access, operation in the system and payment out.
  Responsibility: John Becker

29-Jan-13

Media and stakeholder approach

Privacy Commissioner updated
  Activity/Action: The Privacy Commissioner has been updated
  Responsibility: John Becker

Meeting arranged with Assistant Commissioner of Public Affairs in Corporate Relations
  Activity/Action: Meeting arranged to discuss, broader media communication strategy, tax agent strategy and a minister briefing. Jenny Reid and Cameron Sorensen.
  Responsibility: John Becker

[FOIA s 37(1)(a)] Letter
  Activity/Action: John Box (SNC) preparing a draft letter to be sent to [FOIA s 37(
  Responsibility: John Box

Communication and update process

Briefing paper provided
  Activity/Action: Overall briefing paper as at 25th January was provided this morning.
  Responsibility: John Becker

Daily briefing
  Activity/Action: The first daily briefing update was provided this morning
  Responsibility: John Becker

Meeting with EST
  Activity/Action: Meeting arranged for Thursday morning with Todd Heather (EST) to establish a plan to investigate online access security
  Responsibility: John Becker

Other action
[FOIA s 47G(1)(a)] agent
  Activity/Action: Phone hookup with John Box and Chris Barlow to discuss the [FOIA s 47G(1)(a)] agent. Work with Cameron Sorensen tomorrow to contact [FOIA s 47G(1)(a)] agent again, via a senior ATO officer [FOIA s 37(1)(a)]
  Responsibility: John Becker

Commence project plan
  Activity/Action: Key AC hookup arranged for tomorrow to commence the project plan
  Responsibility: John Becker

Process maps developed
  Activity/Action: The process maps have been prepared for AUSkey process and will be worked through workshop on Thursday with EL2s.
  Responsibility: John Becker

Exploring further analysis
  Activity/Action: Daily sweeps and data analysis seems to be holding. Exploring further post event assurances to cover broader client base without stopping everything outside of the direct risk group.
  Responsibility: John Becker

23-Jan-13

Out of session Account Integrity Steering Committee held - Action Items identified as;

Form a workgroup
  Activity/Action: Workgroup to be convened at the Assistant Commissioner level for next week. The members put forward Greg Topping, Chris Barlow, John Box and Andrew Watson. Others to be released as required.
  Responsibility: John Becker

Fifth Tax Agent to be advised
  Activity/Action: Contact to be made with the fifth tax agent to apprise them of the situation and to be vigilant
  Responsibility: John Becker

Risk assessment and Mitigation strategy
  Activity/Action: Provide copies of these documents to Steve Vesperman to be used for updating 2nd Commissioners etc
  Responsibility: Greg Williams

Briefing paper provided
  Activity/Action: Develop a paper to take to the 2nd Commissioners for Friday on the status of the issue
  Responsibility: John Becker

Briefing paper for Minister
  Activity/Action: Develop a briefing paper for the Minister
  Responsibility: John Becker

Appointment of Main contact
  Activity/Action: The members agreed the best person to serve as the main point of contact for this work would be the chairperson of their Business Management Group - John Becker
  Responsibility: AISC members
Estimated completion date
Completion date
Completed
31-Jan-13
6/02/2013
8/02/2013
Completed
30/01/2013
30/01/2013
30/01/2013
30/01/2013
31/01/2013
4/02/2013
29/01/2013
29/01/2013
29/01/2013
30/01/2013
30/01/2013
30/01/2013
29/01/2013
29/01/2013
29/01/2013
29/01/2013
29/01/2013
31/01/2013
29/01/2013
29/01/2013
29/01/2013
29/01/2013
23/01/2013
23/01/2013
1/02/2013
1/02/2013
23/01/2013
23/01/2013

with compromise response for around 800 clients, we are deliberately keeping it separate to 
[FOIA s 37(1)(a)], as bracket creep could overwhelm the current focus and resource 
investment. (Heather McCafferty CAS)
       Process maps for suppression and compromise processes are underway to provide 
base options in managing these risks (Emma Cramey CAS) 
regards 
John Becker 
Assistant Commissioner 
Enterprise Register and Accounts 
Client Account Services 
       08 820 81348  [FOIA s 47F(1)] 
       [email address]
       www.ato.gov.au  
CAS  I At the Heart of the ATO   
ATO  I Working for all Australians  

CORRECTION TO FAIRFAX STORY 
 
It has been reported today that taxpayer information is at risk after criminals stole the 
identity of four tax agents. The report suggested that all Australian taxpayers’ 
information was under threat. This is incorrect. 
 
The identities of four tax agents were stolen and used to fraudulently obtain AUSkeys 
giving access to specialist tax agent online services (tax agent portal). 
 
The ATO has contained the threat and cancelled the AUSkeys. 
 
We are working with the affected tax agents to ensure their practices and information is 
secure. 
 
Doing business online has benefits, but it also comes with risks. People looking to 
commit identity fraud constantly look for ways to profit so it is critical to remain vigilant 
regarding your personal information and online security.  
 
Online fraud can be complex and multilayered. We are investigating the incident and 
working with relevant law enforcement agencies. 
 
Background - what are AUSkeys? 
 
AUSkeys are the secure, unique identifier agents can use to access the tax agent portal. In 
order to get an AUSkey, people need to pass stringent proof of identity procedures.  
 
An AUSkey gives access to a tax agent’s client list, it does not give access to the 
information of the broader taxpaying community. 
 
In this case, the identity of four tax agents was stolen and this information was used to 
fraudulently obtain AUSkeys. 