Stolen: Personal Details Of 80k Australian Government Employees

Nearly 80,000 public sector workers in South Australia "should assume" their personal information has been accessed in a recent cyber attack, the state's Treasurer says. State government employees advised to change passwords and monitor bank accounts after massive payroll data breach.

Australia is increasingly vulnerable to a crippling cyber attack that will grind the country to a halt overnight, a world expert has warned.

The information obtained by the hackers includes the first and last names of employees, their date of birth, home address, tax file number, bank account details and more. of almost 80,000 South Australian government employees may have been stolen in a cyber attack, with workers advised to assume their personal information has been stolen. 

All employees were advised to take security steps such as changing passwords and security questions used to identify a person while monitoring their accounts for any unusual activity.

The South Australia Privacy Committee, Office of the Australian Information Commissioner and the Australian federal police have been notified about the incident and Australian authorities are reported to believe the breach involved a ransomware attack launched by Russian hackers from five weeks ago. The South Australian treasurer, Rob Lucas, first disclosed on Friday that records of 38,000 government employees had been stolen in a cyber attack, but confirmed the extent of the data breach on Tuesday. 

The attack was carried out against Frontier Software, an external company that has provided the South Australian government’s payroll software for the last 20 years. It affects employees working for the government as of July last year, with only employees at the Department of Education excluded from the hack.In a notice posted on its website Frontier Software said some of its Australian customer systems had been hit be a cyber incident on 13 November and it had begun informing clients. 

Lucas apologised to employees affected saying it was a “very serious breach”. “It’s almost everyone, members of parliament, right through to the premier, also people who serve on government boards and committees... To the extent we can, we are providing the maximum amount of security we can now that this has occurred.”

Rob Lee, founder and CEO of security specialist firm Dragos, has warned Australia's critical infrastructure has been left behind in the race to protect against cyber terrorists. The nation's oil and gas fields and mining sector would be prime targets for a cyber attack. 'Compared to other regions in the world, Australia is behind,' Mr Lee said. 

Public Service Association acting general secretary Natasha Brown said the union was seeking legal advice on behalf of its members. “The government must take full responsibility for the integrity of this very sensitive data,” Brown said. Justin Warren, chair of Electronic Frontiers Australia, said the incident was “all too familiar” and that those affected should be compensated for “the work they have to do to respond to this violation of their privacy... This data breach demonstrates, yet again, that once government or business has your data there is very little you can do if their cybersecurity isn’t good enough,” Warren said. 

SouthAustralia.Gov:    ABC:     Hit Melbourne:      Guardian:     Mail:   CDO Trends:

You Might Also Read:

Australia’s Critical Infrastructure Is Under Constant Attack:

 

« Keeping Women Safe On British Streets
Penetration Testing & Ethical Hackers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Potomac Institute for Policy Studies

Potomac Institute for Policy Studies

Potomac Institute undertakes research on key science, technology, and national security issues facing society, Study areas include cybersecurity.

VisionWare

VisionWare

VisionWare provide consulting services and solutions in areas covering both physical and digital security.

SISSDEN

SISSDEN

SISSDEN will improve cybersecurity through the development of increased awareness and the effective sharing of actionable threat information.

Automation & Cyber Solutions (ACS)

Automation & Cyber Solutions (ACS)

Automation & Cyber Solutions delivers a range of Industrial Automation and Cyber solutions & services to sectors including Oil & Gas, Chemicals & Petrochemicals, Power and others.

Claranet

Claranet

Claranet are experts in modernising and running critical applications and infrastructure through end-to-end professional services, managed services and training.

Meiya Pico Information Co

Meiya Pico Information Co

Meiya Pico is the leading digital forensics and information security products and service provider in China.

SCIS Security

SCIS Security

SCIS Security provides affordable cyber security services and solutions to small to medium sized businesses and homes.

CRI4DATA

CRI4DATA

CRI4DATA's mission is to help organizations build their resilience to cyber risk.

Assertion

Assertion

Assertion secures your collaboration (UC/CC) systems from cyber risks. Enforcing the right set of controls and monitoring them continually brings down risk to acceptable levels.

ThreatGen

ThreatGen

ThreatGEN™ works with your team to improve your resiliency and industrial cybersecurity capabilities through an innovative and modernized approach to training and services.

Korn Ferry

Korn Ferry

Korn Ferry is a global organizational consulting firm, synchronizing strategy and talent to drive superior performance for our clients in key areas including cybersecurity.

689cloud

689cloud

689Cloud is a cloud content collaboration platform that allows users to protect, track, and control files AFTER they have been shared.

ITProTV

ITProTV

ITProTV is part of the ACI Learning family of companies providing Audit, Cyber, and IT learning solutions for enterprise and consumer markets.

Virtual Technologies Group (VTG)

Virtual Technologies Group (VTG)

Virtual Technologies Group is a single source, IT product and services provider for SMBs and IT departments, delivering reliable, cost-efficient service, maintenance and support solutions.

Icon Information Systems (ICONIS)

Icon Information Systems (ICONIS)

ICONIS is an integrated infrastructure and service provider, offering unified Information Technology (IT) solutions globally.

Boston Government Services (BGS)

Boston Government Services (BGS)

Boston Government Services is an engineering, technology, and security firm providing mission-focused solutions for the clean energy, nuclear, and federal programs markets.