Stolen: Personal Details Of 80k Australian Government Employees

Uploaded on 2021-12-15 in GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers

Nearly 80,000 public sector workers in South Australia "should assume" their personal information has been accessed in a recent cyber attack, the state's Treasurer says. State government employees advised to change passwords and monitor bank accounts after massive payroll data breach.

Australia is increasingly vulnerable to a crippling cyber attack that will grind the country to a halt overnight, a world expert has warned.

The information obtained by the hackers includes the first and last names of employees, their date of birth, home address, tax file number, bank account details and more. of almost 80,000 South Australian government employees may have been stolen in a cyber attack, with workers advised to assume their personal information has been stolen. 

All employees were advised to take security steps such as changing passwords and security questions used to identify a person while monitoring their accounts for any unusual activity.

The South Australia Privacy Committee, Office of the Australian Information Commissioner and the Australian federal police have been notified about the incident and Australian authorities are reported to believe the breach involved a ransomware attack launched by Russian hackers from five weeks ago. The South Australian treasurer, Rob Lucas, first disclosed on Friday that records of 38,000 government employees had been stolen in a cyber attack, but confirmed the extent of the data breach on Tuesday. 

The attack was carried out against Frontier Software, an external company that has provided the South Australian government’s payroll software for the last 20 years. It affects employees working for the government as of July last year, with only employees at the Department of Education excluded from the hack.In a notice posted on its website Frontier Software said some of its Australian customer systems had been hit be a cyber incident on 13 November and it had begun informing clients. 

Lucas apologised to employees affected saying it was a “very serious breach”. “It’s almost everyone, members of parliament, right through to the premier, also people who serve on government boards and committees... To the extent we can, we are providing the maximum amount of security we can now that this has occurred.”

Rob Lee, founder and CEO of security specialist firm Dragos, has warned Australia's critical infrastructure has been left behind in the race to protect against cyber terrorists. The nation's oil and gas fields and mining sector would be prime targets for a cyber attack. 'Compared to other regions in the world, Australia is behind,' Mr Lee said. 

Public Service Association acting general secretary Natasha Brown said the union was seeking legal advice on behalf of its members. “The government must take full responsibility for the integrity of this very sensitive data,” Brown said. Justin Warren, chair of Electronic Frontiers Australia, said the incident was “all too familiar” and that those affected should be compensated for “the work they have to do to respond to this violation of their privacy... This data breach demonstrates, yet again, that once government or business has your data there is very little you can do if their cybersecurity isn’t good enough,” Warren said. 

SouthAustralia.Gov:    ABC:     Hit Melbourne:      Guardian:     Mail:   CDO Trends:

You Might Also Read:

Australia’s Critical Infrastructure Is Under Constant Attack:

 

« Keeping Women Safe On British Streets
Penetration Testing & Ethical Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

AMETIC

AMETIC

AMETIC, is the Association of Electronics, Information and Communications Technologies, Telecommunications and Digital Content Companies in Spain.

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU CCIS is a national centre for research, education, testing, training and competence development within the area of cyber and information security.

Lacework

Lacework

Lacework brings speed, scale, and automation to cloud security and allows security and DevOps teams to collaborate on keeping data and applications safe.

Privacy Analytics

Privacy Analytics

Privacy Analytics enables healthcare organizations to unleash the value of sensitive data for secondary purposes without compromising personal health information.

Cyxtera Technologies

Cyxtera Technologies

Cyxtera offers powerful, secure IT infrastructure capabilities paired with agile, dynamic software-defined security.

Samoby

Samoby

Samoby provide a subscription solution for Mobile Threat Protection and usage control on Android and iOS devices.

Procsima Group

Procsima Group

Procsima Group was created to help you achieve good IT management and security excellence.

Featurespace

Featurespace

Featurespace is a world-leader in Adaptive Behavioural Analytics and creator of the ARIC platform for fraud and risk management.

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions is an industry leading Data Sanitization Software, Hardware and Onsite Service Provider.

Liquid Intelligent Technologies

Liquid Intelligent Technologies

Liquid Intelligent Technologies is a leading communications solutions provider across Africa, providing reliable connectivity, hosting, co-location, and digital services including cyber security.

ShieldApps

ShieldApps

ShieldApps comprehensive suite of products is designed to protect your personal devices from privacy threats, including hacking attempts, online tracking, fingerprinting, phishing, malware, and more.

NXTsoft

NXTsoft

NXTsoft’s solutions help businesses secure, connect and optimize their data to maximize revenue opportunities, enhance profitability, and mitigate cybersecurity risk.

Tailscale

Tailscale

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly.

Numen Cyber Technology

Numen Cyber Technology

Numen Cyber Technology is committed to becoming a Threat Discovery and Response expert for corporate customers.

D.med Software

D.med Software

D.med Software is a company with a focus on cybersecurity for embedded software and cloud applications for the medical industry.

Synersoft BLACKbox

Synersoft BLACKbox

Synersoft, the maker of path-breaking and disruptive technology for SMEs, now branded as BLACKbox, is an incubated and invested portfolio company of CIIE - IIM-Ahmedabad.