A senior federal bureaucrat who ordered a trove of parliamentary emails to be released to a private company previously hacked by Russian criminals says she believed her own department’s cybersecurity risk assessment was “overrated”.

Jaala Hinchcliffe, the Parliamentary Services Secretary, has conceded she should have sought advice from the Clerk of the Senate before instructing her department to send hundreds of thousands – possibly millions – of emails and documents to a third party.

Hinchcliffe is now facing calls from the opposition for her conduct to be investigated. She has also been instructed by parliament’s presiding officers to retrieve the data for safe storage.

Federal politicians are worried that their confidential communications may have been compromised.

Hinchcliffe was

See Full Page