Stolen: Personal Details Of 80k Australian Government Employees

Uploaded on 2021-12-15 in GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers

Nearly 80,000 public sector workers in South Australia "should assume" their personal information has been accessed in a recent cyber attack, the state's Treasurer says. State government employees advised to change passwords and monitor bank accounts after massive payroll data breach.

Australia is increasingly vulnerable to a crippling cyber attack that will grind the country to a halt overnight, a world expert has warned.

The information obtained by the hackers includes the first and last names of employees, their date of birth, home address, tax file number, bank account details and more. of almost 80,000 South Australian government employees may have been stolen in a cyber attack, with workers advised to assume their personal information has been stolen. 

All employees were advised to take security steps such as changing passwords and security questions used to identify a person while monitoring their accounts for any unusual activity.

The South Australia Privacy Committee, Office of the Australian Information Commissioner and the Australian federal police have been notified about the incident and Australian authorities are reported to believe the breach involved a ransomware attack launched by Russian hackers from five weeks ago. The South Australian treasurer, Rob Lucas, first disclosed on Friday that records of 38,000 government employees had been stolen in a cyber attack, but confirmed the extent of the data breach on Tuesday. 

The attack was carried out against Frontier Software, an external company that has provided the South Australian government’s payroll software for the last 20 years. It affects employees working for the government as of July last year, with only employees at the Department of Education excluded from the hack.In a notice posted on its website Frontier Software said some of its Australian customer systems had been hit be a cyber incident on 13 November and it had begun informing clients. 

Lucas apologised to employees affected saying it was a “very serious breach”. “It’s almost everyone, members of parliament, right through to the premier, also people who serve on government boards and committees... To the extent we can, we are providing the maximum amount of security we can now that this has occurred.”

Rob Lee, founder and CEO of security specialist firm Dragos, has warned Australia's critical infrastructure has been left behind in the race to protect against cyber terrorists. The nation's oil and gas fields and mining sector would be prime targets for a cyber attack. 'Compared to other regions in the world, Australia is behind,' Mr Lee said. 

Public Service Association acting general secretary Natasha Brown said the union was seeking legal advice on behalf of its members. “The government must take full responsibility for the integrity of this very sensitive data,” Brown said. Justin Warren, chair of Electronic Frontiers Australia, said the incident was “all too familiar” and that those affected should be compensated for “the work they have to do to respond to this violation of their privacy... This data breach demonstrates, yet again, that once government or business has your data there is very little you can do if their cybersecurity isn’t good enough,” Warren said. 

SouthAustralia.Gov:    ABC:     Hit Melbourne:      Guardian:     Mail:   CDO Trends:

You Might Also Read:

Australia’s Critical Infrastructure Is Under Constant Attack:

 

« Keeping Women Safe On British Streets
Penetration Testing & Ethical Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Hex Security

Hex Security

Hex Security Limited is a specialist Information Assurance (IA) consultancy working with associates and partners to deliver security certification and accreditation support.

Tendo Solutions

Tendo Solutions

Tendo Solutions provides intelligence, security, forensics and risk solutions to clients across different sectors and jurisdictions.

VerifyMe

VerifyMe

VerifyMe is a global technology solutions company delivering brand protection offerings to mitigate counterfeiting, product diversion, and illicit trade.

PECB

PECB

PECB is a certification body for persons, management systems, and products on a wide range of international standards in a range of areas including Information Security and Risk Management.

Rwanda Information Society Authority (RISA)

Rwanda Information Society Authority (RISA)

RISA is at the forefront of all ICT project implementation, research, infrastructure and innovation within the ICT sector in Rwanda.

Savanti Consulting

Savanti Consulting

Savanti provides practitioner-led cyber security services tailored to meet each organisation’s unique requirements.

Energia Ventures

Energia Ventures

Energia Ventures is a three-month intensive accelerator for entrepreneurs with an innovative business in the energy, smart grid, cleantech, and cybersecurity sectors.

Krypsis

Krypsis

Krypsys is an information security company with a focus on helping you defend your information and data against emerging security threats.

Armenia Startup Academy

Armenia Startup Academy

Armenia Startup Academy is a pre-acceleration program for selected Armenian tech companies and startups in areas including cybersecurity.

Paradyn

Paradyn

Paradyn-managed security services can provide a holistic view of your business environment, no matter how simple or complex it is.

Nclose

Nclose

Nclose is a proudly South African cyber security specialist that has been securing leading enterprises and building our security portfolio since 2006.

Jera IT

Jera IT

Jera IT provide fully managed IT support, cybersecurity services, telecoms systems, and IT strategy consultancy to businesses based in Aberdeen and the surrounding area.

ReachOut Technology

ReachOut Technology

ReachOut is a transformative approach to IT Security, Support, and Guidance. But we’re more than that. We’re passionate IT experts driven to make solutions to your problems.

Information Security Society of Africa – Nigeria (ISSAN)

Information Security Society of Africa – Nigeria (ISSAN)

The Information Security Society of Africa – Nigeria (ISSAN) is a not-for-profit organization dedicated to the protection of Nigeria’s cyberspace.

Health Sector Cybersecurity Coordination Center (HC3)

Health Sector Cybersecurity Coordination Center (HC3)

HC3 was created by the US Department of Health and Human Services to aid in the protection of vital, controlled, healthcare-related information.

True Corporation

True Corporation

True Corporation is Thailand’s leading Telecom-Tech company, empowering people and businesses with connected solutions that advance society sustainably.