Australia’s main political parties and parliament were hit by a “malicious intrusion” on their computer networks, Prime Minister Scott Morrison said.
The cyber-attack revealed two weeks ago was carried out by a “sophisticated state actor”, he said.
But he added there was “no evidence of any electoral interference”. The nation will hold an election within months.
The attack being investigated was at first thought to involve only the parliament’s servers.
“During the course of this work, we also became aware that the networks of some political parties – Liberal, Labor and Nationals – have also been affected,” Mr Morrison told the House of Representatives on Monday.
Who might have been behind it?
The Australian prime minister did not say which foreign state was under suspicion, adding he would not provide additional detail on “operational matters”.
The Australian government has faced a number of cyber-attacks in recent years, some of which have been attributed in local media to nations such as China.
Fergus Hanson, cyber security expert at the Australian Strategic Policy Institute, put China “at the top” of the list of suspects but said he “wouldn’t rule out” Russia also being responsible.
Chinese foreign ministry spokesman Geng Shuang said the accusations were “groundless” and “made up out of thin air with ulterior motives”.
He urged media organisations to “stop the words and actions” that can harm “China’s bilateral relations with relevant countries”.
How extensive was the hack?
The Australian Cyber Security Centre said that although party systems had been compromised, it was not yet known if information had been stolen.
Mr Morrison, who leads the Liberal-National coalition, said: “We have put in place a number of measures to ensure the integrity of our electoral system.”
He added that security officials had briefed the nation’s electoral bodies and would provide support to all political parties.
Labor leader Bill Shorten said the cyber-attack was “of grave concern” following instances of “malicious activity” in other nations.
“We cannot be complacent and, as this most recent activity reported by the prime minister indicates, we are not exempt or immune,” he said.
In 2015 and 2016, there were high-profile attacks on the government’s weather and statistics agencies. In 2011, senior Australian ministers also had their email systems breached.
After the attack on the parliament’s computer network, officials said there was “no evidence” that information had been accessed or stolen.
However, politicians’ passwords had been reset as a precaution.