Stolen: Personal Details Of 80k Australian Government Employees

Uploaded on 2021-12-15 in GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers

Nearly 80,000 public sector workers in South Australia "should assume" their personal information has been accessed in a recent cyber attack, the state's Treasurer says. State government employees advised to change passwords and monitor bank accounts after massive payroll data breach.

Australia is increasingly vulnerable to a crippling cyber attack that will grind the country to a halt overnight, a world expert has warned.

The information obtained by the hackers includes the first and last names of employees, their date of birth, home address, tax file number, bank account details and more. of almost 80,000 South Australian government employees may have been stolen in a cyber attack, with workers advised to assume their personal information has been stolen. 

All employees were advised to take security steps such as changing passwords and security questions used to identify a person while monitoring their accounts for any unusual activity.

The South Australia Privacy Committee, Office of the Australian Information Commissioner and the Australian federal police have been notified about the incident and Australian authorities are reported to believe the breach involved a ransomware attack launched by Russian hackers from five weeks ago. The South Australian treasurer, Rob Lucas, first disclosed on Friday that records of 38,000 government employees had been stolen in a cyber attack, but confirmed the extent of the data breach on Tuesday. 

The attack was carried out against Frontier Software, an external company that has provided the South Australian government’s payroll software for the last 20 years. It affects employees working for the government as of July last year, with only employees at the Department of Education excluded from the hack.In a notice posted on its website Frontier Software said some of its Australian customer systems had been hit be a cyber incident on 13 November and it had begun informing clients. 

Lucas apologised to employees affected saying it was a “very serious breach”. “It’s almost everyone, members of parliament, right through to the premier, also people who serve on government boards and committees... To the extent we can, we are providing the maximum amount of security we can now that this has occurred.”

Rob Lee, founder and CEO of security specialist firm Dragos, has warned Australia's critical infrastructure has been left behind in the race to protect against cyber terrorists. The nation's oil and gas fields and mining sector would be prime targets for a cyber attack. 'Compared to other regions in the world, Australia is behind,' Mr Lee said. 

Public Service Association acting general secretary Natasha Brown said the union was seeking legal advice on behalf of its members. “The government must take full responsibility for the integrity of this very sensitive data,” Brown said. Justin Warren, chair of Electronic Frontiers Australia, said the incident was “all too familiar” and that those affected should be compensated for “the work they have to do to respond to this violation of their privacy... This data breach demonstrates, yet again, that once government or business has your data there is very little you can do if their cybersecurity isn’t good enough,” Warren said. 

SouthAustralia.Gov:    ABC:     Hit Melbourne:      Guardian:     Mail:   CDO Trends:

You Might Also Read:

Australia’s Critical Infrastructure Is Under Constant Attack:

 

« Keeping Women Safe On British Streets
Penetration Testing & Ethical Hackers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Sophos

Sophos

Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyberthreats.

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

Leviathan Security Group

Leviathan Security Group

Leviathan provides a broad set of information security services ranging from low-level technical engineering to strategic business consulting.

OPSWAT

OPSWAT

OPSWAT is a software company that provides solutions to secure and manage IT infrastructure.

SolutionsPT

SolutionsPT

SolutionsPT enables customers to strengthen their Operational Technology (OT) network to meet the ever increasing demand for performance, availability, connectivity and security.

CryptoTec

CryptoTec

CryptoTec is a provider of security concepts and encryption solutions for secure communication between decentralized computerized systems.

SafeLogic

SafeLogic

SafeLogic provides strong encryption products for solutions in mobile, server, Cloud, appliance, wearable, and IoT environments that are pursuing compliance to strict regulatory requirements.

KeyXentic

KeyXentic

KeyXentic Inc. is a professional mobile and data security service provider. We are devoted to design convenient and strong security for user’s data protection and privacy without any compromise.

Quside

Quside

Quside, a spin-off from The Institute of Photonic Sciences in Barcelona, designs and manufactures innovative quantum technologies for a wide range of applications including cyber security.

Network Perception

Network Perception

Network Perception proactively and continuously assures the security of critical OT assets with intuitive network segmentation verification and visualization.

Scybers

Scybers

Scybers are a global cybersecurity advisory and managed services company. With our deep expertise, we help our clients reduce their cyber risks with confidence.

Trustaira

Trustaira

Trustaira is the first deep tech solution and service company in Bangladesh.

Cyviation

Cyviation

Cyviation's mission is to mitigate ever-growing and menacing Cyber Security threats, focusing on aircraft, airlines and airports.

IS4IT Kritis

IS4IT Kritis

IS4IT is your partner for the successful planning, introduction and implementation of company-specific information security concepts.

Servadus

Servadus

Servadus help organizations with their cybersecurity and compliance programs through management and sustainability, consulting, and assessing.

Platview Technologies

Platview Technologies

Platview Technologies is an innovative and agile cybersecurity company with the goal of safe-guarding businesses with our world-class, industry-leading services and technology solutions.