Incident: Data breach hits Department of Social Services credit card system | The Guardian
Australian Information Security Incident Reported: November 24 2017
The Department of Social Services has written to 8,500 current and former employees warning them their personal data held by a contractor has been breached.
Compromised data includes credit card information, employees’ names, user names, work phone numbers, work emails, system passwords, Australian government services number, public service classification and organisation unit.
The department failed to warn staff how long the data was exposed for but a DSS spokesman told Guardian Australia that the contractor, Business Information Services, had advised that the data was open from June 2016 until October 2017. The data related to the period 2004 to 2015.