Personal details of up to 80,000 SA government employees viewed in a cyberattack
The South Australian government says the personal data of tens of thousands of employees, potentially including the Prime Minister, was accessed in a cyber attack.
- South African government says its external payroll software vendor was victim of ‘cyber incident’
- At least 38,000 employees had access to their personal data
- Up to 80,000 employees could be affected
The government said the records of at least 38,000 employees, but potentially as many as 80,000 workers, were viewed in a cyber attack on third-party payroll software vendor Frontier Software.
The data includes names, dates of birth, tax file numbers, home addresses, bank details, remuneration and pension contributions.
He said Frontier, which has been providing government payroll services since 2001, was the victim of a “cyber ransomware attack” last month and the information was stolen and “posted on the dark web”.
Treasurer Rob Lucas said politicians, including Prime Minister Steven Marshall, may be among those affected.
The Department of Education does not use Frontier.
Mr Lucas said the theft was under investigation and staff were offered support.
“This is obviously a big concern for the government,” he said.
Mr Lucas said the government was first informed on Wednesday evening that state government data had been accessed, but it was confirmed yesterday afternoon that the breach involved employee personal information.
“We acted quickly,” he said.
“As soon as we were able to put information together, provide accurate information to our employees, we did it.”
Mr Lucas said he had no evidence that the personal information was used.
Government employees have been urged to take “precautionary measures” such as contacting their financial institutions and changing their passwords.
“Having the bank details doesn’t give you access to the bank account, but it’s the first step in trying to crack a code in terms of passwords,” Lucas said.
The state government said employee pay cycles would not be affected.
While the impacts of the violation will cost “a significant sum of money”, Mr. Lucas said the government’s main concern is “the well-being of the employees.”
South African Civil Service Association secretary general Nev Kitchin said the situation was “obviously of great concern”.
“We expect the state government to take all possible measures to review its cybersecurity measures to prevent such an event in the future,” he said.
“In the meantime, we expect the government to do everything possible to minimize the effects of this security breach and to provide the support our members need.”
SA government only client concerned
Frontier Software Australia chief executive Nick Southcombe said the company warned customers of a cyberattack last Friday.
“We continue to review and catalog data that we believe has been stolen in our internal business environment, with a primary focus on identifying customer data that may have been stolen,” said Mr. Southcombe. .
“Since the data has only been stolen from our internal corporate environment, we estimate that the number of impacted customers will be very limited.
“If we identify other customers affected by this data theft, we will contact them directly as soon as possible.”
Shadow Treasurer Stephen Mullighan said managing data was a fundamental government responsibility and “it is now clear that the Liberal government of Marshall cannot be trusted to protect the data of Southern Australians.”
“The government must explain why a security breach that arose four weeks ago is only now revealed,” he said.
Ajay Unni, founder and CEO of Sydney cybersecurity firm Stickman Cyber, said there had been a 15% increase in ransomware attacks across all types of organizations last year.
“So some kind of scam will now be created as part of this process and some of this data can also be used for identity theft and also to create false identities,” he said.