If you purchase via links on our site, we may receive affiliate commissions.

Census suffers a billion attempted cyberattacks on Census day, Australian Statistician disclosed

Updated on: 20 October 2022

Anna Zhadan
Contributor

ABSC — Image by Nils Versemann / Shutterstock

Australia’s Census digital system was facing constant cyberattacks when it was open, with the number of attempted incidents reaching almost 1 billion on Census day, Australian Statistician Dr David Gruen told the Melbourne Business Analytics Conference.

Back in 2016, four Distributed Denial of Service (DDoS) attacks crashed the Australian Bureau of Statistics’ website on census night, leaving users unable to lodge their forms for over 40 hours. Opposition parties called the small business minister, Michael McCormack, who was responsible for the census, to resign over the crash. Andrew Leigh, then-Assistant Shadow Treasurer, called it “the worst run census in Australian history.”

Following the attacks, much attention was paid to cybersecurity.

“This included having ACSC involved in all relevant procurement decisions for the 2021 Census digital service and, in the leadup to the Census, working with us and our delivery partners, PwC and Amazon Web Services, to simulate several DDoS attacks, as well as enabling ethical hackers to try to compromise our systems, and running scenarios which played out in detail how we would respond if something went wrong,” Gruen explained.

Although the event itself went smoothly, Gruen revealed that there were slightly less than one billion cyberattacks on the system on Census day, August 10, 2021.

In order to safeguard the personal data of Australian citizens, the Australian Bureau of Statistics (ABS) will retain names for no more than 18 months while addresses – for no more than 36 months.

Although Gruen admitted that eliminating all cyberattacks would be an impossible goal, the Bureau takes data security very seriously.

The speech was also tied to the recent Optus data breach, which affected up to 40% of the country’s entire population. Australian cybersecurity minister Clare O'Neil announced to the Parliament that a very substantial reform task will emerge from the incident “of this scale and size.”