{"id":227677,"date":"2026-03-25T22:50:00","date_gmt":"2026-03-26T02:50:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/25\/government-entities-in-queensland-unaware-of-cybersecurity-vulnerabilities-audit-office-report-finds\/"},"modified":"2026-03-26T01:35:13","modified_gmt":"2026-03-26T05:35:13","slug":"government-entities-in-queensland-unaware-of-cybersecurity-vulnerabilities-audit-office-report-finds","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/25\/government-entities-in-queensland-unaware-of-cybersecurity-vulnerabilities-audit-office-report-finds\/","title":{"rendered":"Government entities in Queensland unaware of cybersecurity vulnerabilities, audit office report finds"},"content":{"rendered":"<p><a href=\"https:\/\/www.abc.net.au\/news\/2026-03-26\/queensland-cybersecurity-audit-highights-gaps\/106497032\">Government entities in Queensland unaware of cybersecurity vulnerabilities, audit office report finds<\/a><\/p>\n<p><a href=\"https:\/\/www.abc.net.au\/news\/2026-03-26\/queensland-cybersecurity-audit-highights-gaps\/106497032\">https:\/\/www.abc.net.au\/news\/2026-03-26\/queensland-cybersecurity-audit-highights-gaps\/106497032<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-25 22:50:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.abc.net.au\">www.abc.net.au<\/a><\/p>\n<p class=\"paragraph_paragraph___QITb\">A cybersecurity audit has gained the &#8220;highest level of access&#8221; to two government entities in Queensland, highlighting serious gaps in the systems.<\/p>\n<p class=\"paragraph_paragraph___QITb\">The auditor-general tested the effectiveness of a state government, local government, and statutory body&#8217;s IT security controls.<\/p>\n<p class=\"paragraph_paragraph___QITb\">Its report noted the entities did not know &#8220;how vulnerable&#8221; they were to third-party cybersecurity threats.<\/p>\n<p class=\"paragraph_paragraph___QITb\">&#8220;In each of the entities, we were able to obtain passwords, access systems, and extract sensitive information outside the intended scope of a third-party user,&#8221; the report said.<\/p>\n<p>&#8220;For two of them, we were able to bypass controls and gain the highest level of access to their IT environments.&#8221;<\/p>\n<p class=\"paragraph_paragraph___QITb\">The report found increasing frequency and sophistication of cyber attacks could expose entities that had weak cybersecurity.<\/p>\n<p class=\"paragraph_paragraph___QITb\">&#8220;Entities that do not manage these risks effectively may experience a cyber attack through a third party, leading to a loss of privacy, financial cost, reputational damage, and other ramifications.&#8221;<\/p>\n<p class=\"paragraph_paragraph___QITb\">As a result of the lack of mitigation controls, the auditor-general noted the entities could not understand the extent of their supply chain risks.<\/p>\n<p class=\"paragraph_paragraph___QITb\">Contracts were also found to be a significant security gap.<\/p>\n<p class=\"paragraph_paragraph___QITb\">&#8220;Only two of 36 contracts we reviewed included requirements for third parties to report their cybersecurity incidents and vulnerabilities,&#8221; the report said.<\/p>\n<p class=\"paragraph_paragraph___QITb\">&#8220;This means that entities can have risks that they are unaware of and therefore cannot effectively manage.&#8221;<\/p>\n<h2 class=\"Typography_base__sj2RP Heading_heading__VGa5B heading_heading__kjfxC Heading_default__Z3p_p Typography_sizeMobile20__NUDn4 Typography_sizeDesktop32__LR_G6 Typography_lineHeightMobile24__crkfh Typography_lineHeightDesktop40__BuoRf Typography_marginBottomMobileSmall__6wx7m Typography_marginBottomDesktopSmall__CboX4 Typography_bold__FqafP Typography_colourInherit__dfnUx Typography_normalise__u5o1s\" data-component=\"Heading\">Risks raised five years ago<\/h2>\n<p class=\"paragraph_paragraph___QITb\">The auditor-general also assessed how the Queensland government&#8217;s housing department, customer services and open data department managed cybersecurity risks in the public sector.<\/p>\n<h3 class=\"Typography_base__sj2RP RelatedCard_heading__S_nm2 Typography_sizeMobile18__eJCIB Typography_lineHeightMobile24__crkfh Typography_bold__FqafP Typography_serif__qU2V5 Typography_colourInherit__dfnUx\" data-component=\"Typography\">Queensland councils scammed out of millions despite warnings<\/h3>\n<p class=\"Typography_base__sj2RP RelatedCard_synopsis__cFwMW Typography_sizeMobile14__u7TGe Typography_lineHeightMobile20___U7Vr Typography_regular__WeIG6 Typography_colourInherit__dfnUx\" data-component=\"Typography\">A year after Gold Coast Council was victim to a fraud attack, Noosa Council was also targeted by a sophisticated artificial intelligence scam.\u00a0<\/p>\n<p class=\"paragraph_paragraph___QITb\">It found the latter was not actively assessing or monitoring third parties&#8217; cyber capability.<\/p>\n<p class=\"paragraph_paragraph___QITb\">&#8220;CDSB [Customer Services, Open&#8230;<\/p>\n<p><a href=\"https:\/\/www.abc.net.au\/news\/2026-03-26\/queensland-cybersecurity-audit-highights-gaps\/106497032\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Government entities in Queensland unaware of cybersecurity vulnerabilities, audit office report finds https:\/\/www.abc.net.au\/news\/2026-03-26\/queensland-cybersecurity-audit-highights-gaps\/106497032 Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":227678,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/live-production.wcms.abc-cdn.net.au\/cf7dfc012b7eb9f3d7a02ca02d599bc3?impolicy=wcms_watermark_news&cropH=1688&cropW=3000&xPos=0&yPos=0&width=862&height=485&imformat=generic","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[20,57],"class_list":["post-227677","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-artificial-intelligence","tag-security"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227677"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=227677"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227677\/revisions"}],"predecessor-version":[{"id":227679,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227677\/revisions\/227679"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/227678"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=227677"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=227677"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=227677"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}