Public servants hacked emails to leak the potential use of software that could shut fire stations to a union boss and a senior government minister.
The internal communications hacking at the then-named Melbourne Fire Brigade was revealed by the Independent Broad-based Anti-corruption Commission (IBAC) on Wednesday.
Victorian branch secretary Peter Marshall worked with senior staff to access the unauthorised data after becoming convinced he was the subject of a bullying investigation by WorkSafe, according to the report.
He was also leaked a Melbourne Fire Brigade PowerPoint detailing proposed use of fire incident response simulation software, which he passed on to then-emergency services minister Lisa Neville.
"Mr Marshall had received this document as a result of an unknown MFB employee disclosing it without authority," the report read.
The PowerPoint contained a pitch for the brigade to get a third party's software services to help it close stations and reallocate resources.
Ms Neville later attended a meeting with the then-Melbourne Fire Brigade chief executive and board president where she presented a printed copy of the document and asked why the software was being considered.
"Following their explanation to the minister regarding the software, she said, 'You can't have it'," the report read.
"The CEO's evidence was that they believed Mr Marshall had influenced the minister before her meeting with the CEO with the intention of stopping MFB purchasing the software."
IBAC investigation uncovers problematic workplace culture at MFB leading to misuse of sensitive information. — IBAC (@ibacVic) https://t.co/b0IAzAzjtKSeptember 24, 2024
Mr Marshall told the commission he thought the CEO was seeking the software to reduce firefighter and fire truck numbers, which he believed would breach the enterprise agreement and jeopardise crew and public safety.
The commission identified five separate incidents where Melbourne Fire Brigade information was accessed or disclosed without authorisation between April 2018 and May 2019.
Three of these incidents involved public servants from the brigade's information and communications services business area.
"Individuals involved were motivated to misuse MFB information to further the interests of the Victorian branch of the United Firefighters Union or its secretary, Peter Marshall," the report read.
"IBAC's investigation also found that Mr Marshall sought assistance from employees to inappropriately gather sensitive information on internal investigations related to him, executive contracts and another confidential organisational matter."
Attorney-General Jaclyn Symes said the report was a reminder to staff as to what's workplace appropriate.
"It's a wake-up call for anyone who might consider that it's not a big deal to give sensitive information to someone," she said.
Union boss Peter Marshall had access to unauthorised data, a report says. (Morgan Hancock/AAP PHOTOS)
Shadow attorney-general Michael O'Brien said the report exposed major issues in the state's billion-dollar firefighting sector.
"We see culture of leaking, a culture of bullying, a culture of inappropriate access to material," he said.
The commission found the brigade's internal information was communicated directly to Mr Marshall without the knowledge of its executives.
While Mr Marshall had a broad right to Melbourne Fire Brigade documents through his role, there was no evidence of notice given to management for that to happen in the incidents identified.
The report said there was a "problematic and dysfunctional culture, including bullying and threatening behaviour towards those not supportive of the union" within the Melbourne Fire Brigade.
The brigade was abolished in 2020 and absorbed into the newly created Fire Rescue Victoria.
Four recommendations were made to Fire Rescue Victoria to address corruption risks and improve workplace culture and information security, with IBAC requesting a progress report on action taken in six months' time and a full report on its outcomes within 12 months.