QUEENSLAND and Federal Government IT networks have gaping security holes and could fail to protect our personal data, two independent reports warn.

Everything from Medicare details to tax information is at risk - but it might already be too late with notorious hacking group ``Anonymous'' this week boasting it is preparing to release sensitive Defence Department files.

In a threat on data dumping site Pastebin, the mysterious group warned of the imminent release of up to 8 gigabytes of data from cyber security taskforces around the world.

The data included law enforcement documents including ``files from Australia's ministry of defence''.

It came after Federal Attorney-General Robert McClelland released the findings of last year's ``Cyber Storm'' cyber war games with 12 other countries which cited ``gaps'' in the Government's cyber security.

``It's exactly the reason why these kind of exercises are undertaken,'' Mr McClelland said after revealing the findings.

``The community should not underestimate the scale of the issue we're facing here. The cyber threat to Australia is real, evolving and a growing test to our defences.''

Meanwhile, the State Government is working to secure its own networks after a scathing report by Auditor-General Glenn Poole revealed there had been several ``security compromises'' in the past two years.

The audit of seven Queensland agencies, including the Queensland Treasury Corporation and the Department of Education, said the compromises may not have occurred if the Government had heeded the warnings of a similar audit in 2009.

The Government could not even detect ``surreptitious entry'' into some networks, the report said.

Six of the seven networks had inadequate controls over firewalls and internet gateways, while five had no software to detect unauthorised intrusions.

``The extent of security risk is not well understood at the whole-of-government level,'' Mr Poole said.

``Half of the... agencies audited identified that there had been some form of network security compromise in the previous two years.

``Given the threats to security due to the internet and constant technological advancement, agencies need to give more attention to network security. If the issues (in the 2009 audit) had been addressed, it is likely some security compromises may not have occurred.''

Department of Public Works Acting Associate Director-General Andrew Spina could not say what the ``security compromises'' involved.

``The (Department) intends to review all of the issues raised by the Auditor-General in relation to the management of ICT security risks,'' he said.

Originally published as Your personal files at mercy of hackers