Australian MP claims calendar-sharing 'security breach'

A Liberal backbencher has questioned whether a calendar-sharing feature of Microsoft Outlook is a security breach for members of parliament.
Written by AAP , Contributor and  Josh Taylor, Contributor

Liberal backbencher Alby Schultz has questioned whether a calendar-sharing feature of Microsoft's email program Outlook amounts to a security breach for members of parliament (MPs).

Schultz told parliament that he had discovered the "serious security issue" last Thursday, when it was brought to his attention that people using Outlook could see an MP's meeting schedule upon receiving an email from the MP.

"This issue involved the ability of people viewing an email ... to gain visual access to the member's Outlook calendar by simply hovering the cursor over the email address," he told the lower house on Monday.

He raised the matter with the Department of Parliamentary Services (DPS), which administers the parliamentary computer network. This led to one of his staff members in his Cowra electorate office having access to their calendar revoked, but this was restored after his office complained, he said.

He told parliament that he then asked the department a series of questions about when they knew about the breach, and whether it was a glitch or the result of hacking. "The response I got did not address the issue; it simply told the staff to follow a procedure which they already had done and were capable of doing."

Shultz questioned whether this was a "glitch" that occurred during an upgrade to Windows 7 and the latest Office, or whether someone was "hacking" into the parliamentary system.

Schultz's office confirmed to AAP that they have fixed the security issue.

The ABC has reported that up to 50 MPs have had an issue with the upgrade, and the DPS has launched an investigation.

Editorial standards