Stolen: Personal Details Of 80k Australian Government Employees

Uploaded on 2021-12-15 in GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers

Nearly 80,000 public sector workers in South Australia "should assume" their personal information has been accessed in a recent cyber attack, the state's Treasurer says. State government employees advised to change passwords and monitor bank accounts after massive payroll data breach.

Australia is increasingly vulnerable to a crippling cyber attack that will grind the country to a halt overnight, a world expert has warned.

The information obtained by the hackers includes the first and last names of employees, their date of birth, home address, tax file number, bank account details and more. of almost 80,000 South Australian government employees may have been stolen in a cyber attack, with workers advised to assume their personal information has been stolen. 

All employees were advised to take security steps such as changing passwords and security questions used to identify a person while monitoring their accounts for any unusual activity.

The South Australia Privacy Committee, Office of the Australian Information Commissioner and the Australian federal police have been notified about the incident and Australian authorities are reported to believe the breach involved a ransomware attack launched by Russian hackers from five weeks ago. The South Australian treasurer, Rob Lucas, first disclosed on Friday that records of 38,000 government employees had been stolen in a cyber attack, but confirmed the extent of the data breach on Tuesday. 

The attack was carried out against Frontier Software, an external company that has provided the South Australian government’s payroll software for the last 20 years. It affects employees working for the government as of July last year, with only employees at the Department of Education excluded from the hack.In a notice posted on its website Frontier Software said some of its Australian customer systems had been hit be a cyber incident on 13 November and it had begun informing clients. 

Lucas apologised to employees affected saying it was a “very serious breach”. “It’s almost everyone, members of parliament, right through to the premier, also people who serve on government boards and committees... To the extent we can, we are providing the maximum amount of security we can now that this has occurred.”

Rob Lee, founder and CEO of security specialist firm Dragos, has warned Australia's critical infrastructure has been left behind in the race to protect against cyber terrorists. The nation's oil and gas fields and mining sector would be prime targets for a cyber attack. 'Compared to other regions in the world, Australia is behind,' Mr Lee said. 

Public Service Association acting general secretary Natasha Brown said the union was seeking legal advice on behalf of its members. “The government must take full responsibility for the integrity of this very sensitive data,” Brown said. Justin Warren, chair of Electronic Frontiers Australia, said the incident was “all too familiar” and that those affected should be compensated for “the work they have to do to respond to this violation of their privacy... This data breach demonstrates, yet again, that once government or business has your data there is very little you can do if their cybersecurity isn’t good enough,” Warren said. 

SouthAustralia.Gov:    ABC:     Hit Melbourne:      Guardian:     Mail:   CDO Trends:

You Might Also Read:

Australia’s Critical Infrastructure Is Under Constant Attack:

 

« Keeping Women Safe On British Streets
Penetration Testing & Ethical Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Menlo Security

Menlo Security

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email.

BTWorks

BTWorks

BTWorks provides identity management and anti-phishing / smishing solutions for web and mobile apps.

BitRaser

BitRaser

BitRaser serves your needs for a managed & certified data erasure solution that can support internal & external corporate audit requirements with traceable reporting.

CryptoTec

CryptoTec

CryptoTec is a provider of security concepts and encryption solutions for secure communication between decentralized computerized systems.

Tempest

Tempest

TEMPEST is a leading provider of IT products and services including solutions for network and application security.

RFA

RFA

RFA is a unique IT, financial cloud and managed cyber-security provider to the financial services and alternative investment sectors.

Cyentia Institute

Cyentia Institute

The Cyentia Institute is a research & data science firm with a mission to advance knowledge in the cybersecurity industry.

Responsible Cyber

Responsible Cyber

Protect yourself with Responsible Cyber’s 360° platform, IMMUNE, arming you with comprehensive support for your business.

ProofID

ProofID

ProofID is a specialist provider of Identity Access Management (IAM) solutions. We focus on the solving the complex needs of the modern enterprise.

VCG Group

VCG Group

VCG provides everything you need for the design, implementation and management of data centres, cyber-secure enterprise networks, cloud and connectivity services.

Defentry

Defentry

Defentry have created an Ecosystem that lets our users easily monitor, train and resolve their digital security issues.

FPG Technologies & Solutions

FPG Technologies & Solutions

FPG Technology is a technology solutions provider and systems integrator, specializing in delivering IT Consulting, IT Security, Cloud, Mobility, Infrastructure solutions and services.

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity's mission is to provide value by dramatically improving the cybersecurity posture of our clients and business partners.

Identity Digital

Identity Digital

Identity Digital simplifies and connects a fragmented online world with domain names and related technologies that allow people and businesses to build, market and own their digital identities.

Protect AI

Protect AI

Protect AI is a cybersecurity company focused on AI & ML systems. Through innovative security products and thought leadership in MLSecOps, we help our customers build a safer AI powered world.

WPScan

WPScan

With WPScan, you'll be the first to know about vulnerabilities affecting your WordPress installation, plugins, and themes.