Incident (Updated): Citizen data compromised as Service NSW falls victim to phishing attack | ZDNet
Australian Information Security Incident Reported: May 14 2020
Australian Phishing Attack April 2020: Citizen data compromised as Service NSW falls victim to phishing attack. | Updated September 2, 2020
The attack involved the illegal accessing of 47 Service NSW staff members’ email accounts.
Service NSW Statement – Service NSW cyber incident
Source: Citizen data compromised as Service NSW falls victim to phishing attack | ZDNet
More reports from: ZDNet.
Updated September 2, 2020 Service NSW still waiting to notify on data breach after four months | iTnews
Blames lengthy review process.
Service NSW is still waiting to notify customers impacted by an email compromise attack against 47 staff members more than four months after it occurred.
Following reports on Thursday morning that a staff member from Service NSW clicked on a suspicious link from an email, the New South Wales government has confirmed it was the target of a malicious phishing attack.
The breach was first thought to have only affected individuals who visited a Service NSW shop front or called the state government service and that those transacting via the app or website channels were not compromised.
But in a statement Thursday afternoon, Service NSW revealed the breach, which occurred on 22 April 2020, had seen customer information held in emails accessed.