Fishing industry concerned data from site was 'stolen'
ANGRY fishers are demanding answers after a portal containing personal information and allowing them to transfer quotas was left unsecured for more than two weeks.
The Courier-Mail has been told the breach is the "talk of the wharves" with fishermen questioning the ability of Fisheries Queensland to secure personal information, including data created in an expanded vessel tracking system that became mandatory on January 1.
A spokesman for Queensland Fisheries said vessel-tracking data was kept on a separate system to the FishNet Secure site that was reportedly left unsecured from about December 18 to January 3.
Fishermen attempting to log in discovered they could get in to any account on the supposedly protected portal without a password. Fishermen are able to transfer quotas, view their own quota balances and update contact details on the site.
The breach was only recognised within the Department of Agriculture and Fisheries after industry representatives contacted authorities.
Queensland Seafood Industry Association chief executive Eric Perez said four major fishing bodies wrote to the Department on Saturday urgently seeking information about the breach.
"We're keen to know if people have gone in and done some dodgy stuff and what happened," he said.
The breach occurred just as fishermen were moving to a new vessel monitoring system (VMS) that has been beset with supplier issues with many still waiting for equipment that they paid for months ago to be installed.
From January 1 all fishermen were required to be using the VMS, which provides regular tracking of their movements, however a waiver has been issued if they have a receipt.
Opposition Fisheries spokesman Tony Perrett said the government had bungled the roll out of the VMS.
"It is an absolute disgrace that Labor has compromised fisher's valuable intellectual property and put at risk their entire livelihoods by bungling the VMS rollout," he said.
A spokesman for the Department said the security breach on FishNet Secure was fixed 15 minutes after authorities were "made aware of a password issue".
Officials have identified 23 transactions that took place while the system was open and has successfully contacted 21 of the fishermen involved. No unauthorised transactions have been detected.
"The fault is believed to have occurred after a recent software upgrade," the spokesman said.
"Fisheries Queensland is working with the developer of the e-business website FishNet Secure to determine why it stopped working as designed."