A Recent ACAT Decision on Hacking Incident
Posted
A recent hacking related debt recovery decision handed down by the ACAT highlighted where the responsibility lies to ensure correct payment details are used when transferring funds electronically.
In this case, a Canberra equipment supplier who had been engaged by a hydraulics company had its email account hacked the day before an invoice was issued to the hydraulics company. This resulted in the hydraulics company receiving an email advising the bank details of the Canberra equipment hire company had changed requesting payment be made into an alternate account. As a result, the hydraulics company paid the invoice into the wrong account.
The ACAT determined that it is the payer’s responsibility to ensure the transfer is made to the right place. It doesn’t matter whose system was hacked. The hydraulics company may have a claim against the hacker to recover the mistaken payment, however, it was not relevant to the proceedings.
In light of this decision, MBA would like to remind Members to:
- Verbally confirm bank account details before making any payment to an unverified bank account
- Check your terms with your ban and your insurance policies
- Practice good IT management
- Promote cyber awareness at work
Thanks to Meyer Vandenberg Lawyers for providing the article on the case. If you wish to read full article or the case, please click here.
If you have a payment dispute or need someone to review your cyber management system, we are here to help. Please contact our Master Builders Workplace Relations and Legal Team on (02) 6175 5900.
