Australia Post isn’t smoking meth, despite what its website may have said

Graham Cluley

Australia Post isn't smoking meth, despite what its website may have said

This weekend visitors to the Australia Post website may have seen a somewhat eyebrow-raising message.

For where the site normally displays “Latest news”, it was instead suggesting that postal workers were trying out a new technique for coping with the Christmas rush:

“We’re smoking meth”

Eagle-eyed customers spotted the bizarre message, and shared snapshots of it on social media. Once Australia Post had been informed of the issue it eventually removed the curious admission from its webpage.

There has been no official explanation that I have seen regarding what went wrong, but one hunch would be that Australia’s Posts “latest news” section is populated with information and updates posted elsewhere in its infrastructure, perhaps via an RSS feed.

If so, it may be that that resource managed to be compromised by hackers, who scrawled their drug-taking graffiti, and it was then seen by a wider audience via the Australia Post eParcel login page.

Post page

Alternatively, of course, it might just have been a very bored employee messing about…

EmailSign up to our newsletter
Security news, advice, and tips.

Australia Post later issued an apology:

“We apologise to our customers for the unauthorised offensive post. The offending message has been removed and we have disabled the account that posted it.”

If that is the case then, hopefully, there is no reason to believe that the webpage’s login code was itself compromised or that any data has been stolen.

But if hackers are able to change the code which is shown on your website there is always the potential that they might embed malicious code or inject a malicious link designed to dupe users.

Keep an eye on your web presence, it’s always better if you can spot a problem yourself before it comes to the attention of your customers.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.

2 comments on “Australia Post isn’t smoking meth, despite what its website may have said”

  1. Anonymous

    Trust me.

    We had full access to the websites master admin code and copied all data and deleted all consigmnets and changed the settings on auto scanning facilitys to purposely delay as many parcels as possible.

    All agency data was deleted from eparcel along with the details of 50000ish consignments..

    They stealing about 80m a year from the business account holders once you can see the data inside the system.

    They steal from everyone so I'm.stealing from them.

    But to see this in the news is truly heart-warming.

    I still have full access to as we took over a number of accounts.

    Data is now for sale for about 50k

    Not to mention all the other methods and customer billing accounts we have access to.

    Love <3 drug trafficking auspost customers

    1. im a person · in reply to Anonymous

      hi wannabe hacker

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.